SSL Client certificate in IIS 6.0. Different root CAs?

[Jem]

Hi,
I have an IIS 6.0 server with root certificates signed by Entrust.
I have an internal CA which I use to generate internal certificates.

I am setting the IIS 6.0 server to require Client Certificates which
means that I will need to supply Client Cerificates as part of the SSL
handshake.

So my question is:
I plan to use my internal CA to authenticate the client certificate.
I add the client root certificate into the Trusted Root Certification
Authorities on the Server

Is this sufficient?
Do I need to install the client certificate itself onto the IIS
server?

Many thanks,
Jeremy

 

[Tony Toews]

I have an IIS 6.0 server with root certificates signed by Entrust.
I have an internal CA which I use to generate internal certificates.

You have an excellent question however this newsgroup is meant for
Microsoft Access (the rapid applcation database development tool)
security questions.

Tony
--
Tony Toews, Microsoft Access MVP
Tony's Main MS Access pages - http://www.granite.ab.ca/accsmstr.htm
Tony's Microsoft Access Blog - http://msmvps.com/blogs/access/
For a convenient utility to keep your users FEs and other files
updated see http://www.autofeupdater.com/

 

[David-W-Fenton]

m:

I have an IIS 6.0 server with root certificates....

Er, this is not a forum for IIS questions, but for Microsoft Access
questions.