I'm pretty sure the answer is no, but here is my scenario:
Users are issued certificates and they must have a certificate to utilize this specific vendors website. I've been asked if I can use that certificate to validate them to OUR internal site. We have no connection to the issuers server, its all through a public web page.
I'd like to do this in .net if I could, but it seems IIS handles the certificates even before the .net code runs. It doesn't even need to be "really" secure, just validating that they have the cert.
If I could do something like this i'd be ideal, as I know I cannot validate the certificate against their servers.
<IIS Require certificate>
If certificate issuer = "Vendors name" then allow
I know this would be really insecure, but thats ok. It's more of an idea that everyone already has and knows how to use the certificate so we do not have to send out a username/password to everyone.
Thanks!
Users are issued certificates and they must have a certificate to utilize this specific vendors website. I've been asked if I can use that certificate to validate them to OUR internal site. We have no connection to the issuers server, its all through a public web page.
I'd like to do this in .net if I could, but it seems IIS handles the certificates even before the .net code runs. It doesn't even need to be "really" secure, just validating that they have the cert.
If I could do something like this i'd be ideal, as I know I cannot validate the certificate against their servers.
<IIS Require certificate>
If certificate issuer = "Vendors name" then allow
I know this would be really insecure, but thats ok. It's more of an idea that everyone already has and knows how to use the certificate so we do not have to send out a username/password to everyone.
Thanks!
