Hello All,
I have an issue where my IIS server has many certificates in the Root trust store. My application running on this IIS requires a client certificate.
So when the SSL handshake happens, the server sends the client a list of trusted root CA certificate names along with the server certificate's root CA.
So, let's say the server certificate was issued by a root CA "A1", and the server has, let's say, 5 trusted root CAs "B1, B2, B3, B4".
The client receives A1, B1, B2, B3, B4 [root CA cert names].
Now, this results in the browser prompting the user with the list of client certificates present in the client's store issued by CAs trusted by all these 5 CAs. And for some strange reason, the wrong client certificate, one that is not from A1, is being selected.
Is there an IIS setting to stop the IIS server from sending all the trusted root CA certs, so that it sends only the server certificate's root CA?
Any help on this is highly appreciated.
Regards
Vivek
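
The handshake behaviour described in the question, as an added example that is not part of the original post: in TLS 1.2 the names travel in the `certificate_authorities` field of the CertificateRequest message (RFC 5246, section 7.4.4), and the client filters its certificates against that list. The message bytes, the CN-only names and the client certificate labels are constructed for illustration, and matching on the root's CN is a simplification of how a real client walks the issuer chain.

```python
import struct

CN_OID = bytes.fromhex("0603550403")  # DER-encoded OID 2.5.4.3 (commonName)

def der_name(cn):
    """Minimal DER Name with a single CN (short-form lengths, constructed data)."""
    value = cn.encode()
    atv = CN_OID + bytes([0x0C, len(value)]) + value    # UTF8String value
    seq = bytes([0x30, len(atv)]) + atv
    rdn = bytes([0x31, len(seq)]) + seq
    return bytes([0x30, len(rdn)]) + rdn

def build_certificate_request(ca_cns):
    """Constructed TLS 1.2 CertificateRequest body (RFC 5246, section 7.4.4)."""
    types = bytes([1, 64])                 # rsa_sign, ecdsa_sign
    sigalgs = bytes.fromhex("04010403")    # rsa_pkcs1_sha256, ecdsa_secp256r1_sha256
    names = b"".join(struct.pack("!H", len(n)) + n for n in map(der_name, ca_cns))
    return (bytes([len(types)]) + types
            + struct.pack("!H", len(sigalgs)) + sigalgs
            + struct.pack("!H", len(names)) + names)

def parse_certificate_authorities(body):
    """Return the CN of every DistinguishedName in certificate_authorities."""
    pos = 1 + body[0]                                   # skip certificate_types
    pos += 2 + struct.unpack_from("!H", body, pos)[0]   # skip signature algorithms
    end = pos + 2 + struct.unpack_from("!H", body, pos)[0]
    pos += 2
    if end > len(body):
        raise ValueError("truncated certificate_authorities list")
    cns = []
    while pos < end:
        dn_len = struct.unpack_from("!H", body, pos)[0]
        dn = body[pos + 2:pos + 2 + dn_len]
        if pos + 2 + dn_len > end:
            raise ValueError("DistinguishedName overruns the list")
        pos += 2 + dn_len
        i = dn.find(CN_OID)
        cns.append(dn[i + 7:i + 7 + dn[i + 6]].decode() if i >= 0 else dn.hex())
    return cns

def offered_certificates(client_certs, ca_names):
    """Client certs whose root is in the list; an empty list permits any cert."""
    return sorted(n for n, root in client_certs.items()
                  if not ca_names or root in ca_names)

# Constructed client store: certificate label -> root CA it chains to.
CLIENT_CERTS = {"app-login": "A1", "mail-signing": "B2", "vpn": "C9"}

if __name__ == "__main__":
    for cas in (["A1", "B1", "B2", "B3", "B4"], ["A1"]):
        seen = parse_certificate_authorities(build_certificate_request(cas))
        print(seen, "->", offered_certificates(CLIENT_CERTS, seen))
```

With the five-name list the client has two candidate certificates to choose from; with only A1 advertised it has one.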