I'm developing a PHP application on a development server at my house and I can't, for the life of me, get the browser to prompt me for my client certificate that is available on my smart card.

Accomplished steps:
- created a self-signed certificate for the server
- imported DoD certificates as trusted root certificates
- configured the SSL binding for IIS
- configured SSL settings to require SSL and require a client certificate

No dice. All I get is "403 - Forbidden: Access is denied." Clearly I'm missing something and clearly my knowledge is lacking. Any help?

Here's the SSL certificate info from the command line. Any idea why "Negotiate Client Certificate" is disabled? Is that even a factor and how do I correct that if it is?

    SSL Certificate bindings:
    -------------------------
    IP:port                      : 0.0.0.0:443
    Certificate Hash             : 4d49aefede39d61f684591abba5b96c31309a2b0
    Application ID               : {4dc3e181-e14b-4a21-b022-59fc669b0914}
    Certificate Store Name       : MY
    Verify Client Certificate Revocation : Enabled
    Verify Revocation Using Cached Client Certificate Only : Disabled
    Usage Check                  : Enabled
    Revocation Freshness Time    : 0
    URL Retrieval Timeout        : 0
    Ctl Identifier               : (null)
    Ctl Store Name               : (null)
    DS Mapper Usage              : Disabled
    Negotiate Client Certificate : Disabled