SSLAlwaysNegoClientCert Metabase Property
Applies To: Windows Server 2003, Windows Server 2003 with SP1
The SSLAlwaysNegoClientCert property controls SSL client connection negotiations. If this property is set to true, any time SSL connections are negotiated, the server will immediately negotiate a client certificate, preventing an expensive renegotiation. Setting SSLAlwaysNegoClientCert also helps eliminate client certificate renegotiation deadlocks, which may occur when a client is blocked on sending a large request body when a renegotiation request is received.
| Attribute Name | Attribute Value |
|---|---|
XML Data Type |
BOOL |
WMI Data Type |
BOOL |
ADSI Data Type |
BOOL |
ABO Data Type |
BOOL |
ABO Metabase Identifier |
MD_SSL_ALWAYS_NEGO_CLIENT_CERT |
Attributes |
INHERIT |
Default Value |
FALSE |
MetaFlagsEx |
CACHE_PROPERTY_MODIFIED |
User Type |
IIS_MD_UT_SERVER |
ID |
5521 |
Configurable Locations
You can configure this property at the following locations in the IIS metabase.
| Metabase Path | IIS Admin Object Type |
|---|---|
/LM/W3SVC/n |
IIsWebServer |
/LM/W3SVC |
IIsWebService |
Code Example
For general code examples, see Code Examples to Configure Metabase Properties.