We have a Biztalk on server A, which is hosting a "Biztalk Web Service" on the locally installed IIS (7.0).
On server B (in the DMZ) we have an IIS (7.0) that is externally reachable.
On server B we also set up a redirect to the biztalk web service on server A.
Works great.
Now the question arises, what options do we have to authenticate users who want to use the web service.
My idea was to use self-created client certificates.
Due to the fact that you only can create client certificates if you use a self-created server-certificate this wont work (we use a “official” server certificate).
Are there any alternatives to implement an authentication (that also works with the forwarding)?