要求SSL证书和接受SSL证书之间有什么区别? [英] What is the difference between requiring an SSL cert and accepting an SSL cert?
问题描述
所以我知道要求SSL证书和接受之间的根本区别,一个意味着您必须拥有SSL证书,另一个意味着您不需要SSL证书。
So I know the fundamental difference between requiring an SSL cert and accepting, one means you must have an SSL certificate and the other means you don't need one.
在某个网页的IIS管理器中,我有以下设置:
In my IIS Manager for a certain webpage I have the this setup:
我遇到的问题是,当我设置要求SSL证书并将客户端证书设置为接受/忽略时,我只能使用HTTPS访问网页。现在,如果我将其更改为需要,即使使用HTTPS,我也无法再访问该网页...所以我只想弄清楚它们之间的区别,以及它对网页的影响。
The issue that I am having is that when I set Require SSL Cert and have Client certificates set to accept/ignore I can only get to webpage using HTTPS. Now if I change it to Require, I can no longer access the webpage, even with HTTPS... so I am just trying to figure out what the difference is, and how it effects the webpage.
所以也许我的问题是错误的......我不确定,我对这个问题的理解是相当有限的,所以任何帮助都会受到赞赏。
So maybe my question is phrased wrong... I'm not sure, my understanding on the subject is fairly limited, so any help would be appreciated.
谢谢!
推荐答案
客户证书认证可以是可选的或强制的,或者根本没用过。
Client-certificate authentication can be optional or mandatory, or not used at all.
- 忽略是什么时候都没用。
- 接受将获得证书(如果已提供),但也将继续提供客户未提供证书的连接。
- 要求仅继续使用具有客户端证书的连接。
- Ignore is when it's not used at all.
- Accept will take a certificate if it's presented, but will also continue with connections where the client doesn't present one.
- Require only continues with connections that have a client certificate.
客户端证书身份验证只能由SSL / TLS中的服务器,所以这个术语不太正确,但这就是IIS中使用的。
Client-certificate authentication is something that can only be initiated by the server in SSL/TLS, so this terminology isn't quite correct, but that's what's used in IIS.
这篇关于要求SSL证书和接受SSL证书之间有什么区别?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
