A client side certificate is a certificate you use to establish your server to the client. This is the best way for the server to "know" exactly who is connecting to it. It works a lot like having a username and a password on your server but without having to interact with the user. This certificate is used when the client must be known without having to enter a username and password.
These certificates are quite useful as far as the security of your network. They are created on the Internet server on your computer and can be requested by the client’s computer. That way, the security of your network is a lot stronger. The client will know that all the information they have sent to your computer is secured with a digital signature provided by the host domain server.
It is very important that you know how to create the client certificate on your computer. There are several steps in this process:
1. Click on the windows "start" button and select the "settings" button. Once you are inside of this menu, select the "control panel".
2. Click twice on the "administrative tasks" icon.
3. Click twice on the Internet information service icon.
4. Right-click on the web server virtual directory and select "properties".
5. Click on the "directory security tab".
6. Click on the "edit" button. This is going to be found in the secure communications section.
7. Check the box that says "require secure channel". This will allow all of the requirements for security when the user is trying to access the directory.
8. Click on the "require client certificates" button. You will also need to check on the "enable client certificate mapping" button.
9. Click on the "edit" button.
10. Select on the "many to 1" tab.
11. Click on the "add" button. In the new window that is going to appear, enter a name for the new rule. This rule is the one encrypted so that it is secure to use. You can click on the "next" button once you have entered the name.
12. Make sure to enter the name of the organization and click on the "OK" button.
13. Click on the "accept this certificate". This needs to be done when the mapping windows appears.
14. Click on the "finish button".
15. Click on the OK button and close out the window. These are the top fifteen steps to creating client side certificates on the Internet Information Service console after which you need to test out your configuration.
There are three main steps in testing out your configuration:
1. Open up your Internet browser. This is how you will navigate inside of your Web directory which is now very secure. Check the web address to see what it looks like. It should be similar to this: https://localhost/mySecurityDirectory/mySecurePage.aspx.
2. Make sure you receive a message that says your secure certificate was validated as the certificate must communicate with the application. The application is then displayed to the user.
3. Close out the Internet browser.
All of these steps together are necessary to ensure your Internet browser is very secure for your clients. Thus, follow each one of these steps very carefully as if you miss one, then probably it will not work properly.