Hi, I am trying to set up a client certificate so that my ASP.NET web app can call a web service using a client cert. So I set up a cert.pfx in the LocalMachine\My store. I also gave the application pool identity (domain\user), which is responsible for running my ASP.NET web app, permissions to the private key using the winhttpcertcfg tool. Everything works fine, but the issue is that if I change the app pool identity to some other domain account (not an admin and not myself), the ASP.NET application still works. This indicates to me that the private key access was not limited to the app pool identity that I specified to winhttpcertcfg. When I list all users who have access to the private key, I see the custom account that I gave permission to, and also the administrators of the machine and the local system account. So I am stumped as to how other accounts have permission to the private key. Any help is appreciated. I use Win 2k3/IIS 6.0/ASP.NET v2.0/.NET 3.5 for my development.

Vinay