需要 SSL 证书和接受 SSL 证书有什么区别? [英] What is the difference between requiring an SSL cert and accepting an SSL cert?
问题描述
所以我知道需要 SSL 证书和接受 SSL 证书之间的根本区别,一种意味着您必须拥有 SSL 证书,另一种意味着您不需要.
So I know the fundamental difference between requiring an SSL cert and accepting, one means you must have an SSL certificate and the other means you don't need one.
在我的某个网页的 IIS 管理器中,我有这样的设置:
In my IIS Manager for a certain webpage I have the this setup:
我遇到的问题是,当我设置 Require SSL Cert 并将客户端证书设置为接受/忽略时,我只能使用 HTTPS 访问网页.现在,如果我将其更改为 Require,即使使用 HTTPS,我也无法再访问该网页……所以我只是想弄清楚有什么区别,以及它如何影响网页.
The issue that I am having is that when I set Require SSL Cert and have Client certificates set to accept/ignore I can only get to webpage using HTTPS. Now if I change it to Require, I can no longer access the webpage, even with HTTPS... so I am just trying to figure out what the difference is, and how it effects the webpage.
所以也许我的问题措辞有误...我不确定,我对这个主题的理解相当有限,因此我们将不胜感激.
So maybe my question is phrased wrong... I'm not sure, my understanding on the subject is fairly limited, so any help would be appreciated.
谢谢!
推荐答案
客户端证书身份验证可以是可选的或强制的,或者根本不使用.
Client-certificate authentication can be optional or mandatory, or not used at all.
- 忽略是指根本不使用它.
- 接受将获取证书(如果提供),但也会继续连接客户端未提供的连接.
- 要求仅继续使用具有客户端证书的连接.
- Ignore is when it's not used at all.
- Accept will take a certificate if it's presented, but will also continue with connections where the client doesn't present one.
- Require only continues with connections that have a client certificate.
客户端证书身份验证只能由服务器在 SSL/TLS 中启动,因此该术语不太正确,但 IIS 中使用的就是这样.
Client-certificate authentication is something that can only be initiated by the server in SSL/TLS, so this terminology isn't quite correct, but that's what's used in IIS.
这篇关于需要 SSL 证书和接受 SSL 证书有什么区别?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
