I had the same problem a couple of monthes ago and resolved by diving
in MSDN online documentation typing "How to trust a CA Certificate"
where MSDN let you ask a free text question. I had some answers back
from MSDN and one of them was actually how to correctly install the
root-CA certificate so that IIS Server not only trusts it but also
lists it in the accepted CA list when asking a certificate to your
client. I don't recall exaclty how I did, it looked like some sort of
black magic and voodoo practice but I did it without wondering what and
why and it worked. All I recall is that it works from SP 4 upwards.
Pietro
> Hi,
> Thanks for Coronado's answer first.
> But I think my problem is not that.
> I generated three certificates,one is self siged for CA,one is for
IIS server,and
> the last one is for IE.The last two are siged by the first one.
> I get every certificate in the right place(I think so:-),I just
describe the situation in IE,the CA certificate is imported to the
trusted root CA category,
> the IE's certificate is imported to the personal category,after
installed,I view
> the ceritficates,IE said that there is no problem.
> When I connected to the IIS server,the server's certificate is
accepted by IE,
> but the personal certificate don't have the fortune,It seens that IE
can't find it
> or don't think it can used for signing myself.
> Oh my god,save me!(Does god know certificate?)
>
> Rodrigo Coronado wrote£º
> >Hi Xiao. As nobody answer, I would humbly suggest you to check that
you have a correctly (in the place for trust anchors) installed
issuer's certificate (CA cert). I think
> >I heard something like this a month ago in the list.
> >Rodrigo.
> >
> xiaohudong wrote:
> >
> >> Greetings all:
> >> I have encountered a strange problem,after importing the
certificates to IE5.5,I
> >> try to connect to IIS5.But when IE asking me to choose a
certificate to authenticate myself,the imported certificate was not
shown in the certificates list,how can I do?
> >> btw:I have let the certificate to be used for all purpose.
> >> Can anyone help me,thanks.
> >> I am from China,so my Englis is not well,hope somebody can
understand me:-)
>
> xiaohudong
> [EMAIL PROTECTED]
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
