So lets say you’re moving from Windows 2008 R2 IIS 7.5 to something newer and you have Certificate Trust List (CTL) you use for CAC authentication. You’re used to that CTL being passed down to the client to then filter the user certificates on their system to only be the ones available that you want them to be. You migrate to Windows 2019 with IIS 10 and instead of that nice filtered list you instead get ALL certificates on a user’s system instead.
Continue reading “IIS 8 through IIS 10 don’t respect CTL list for client side certificate filtering”
You must be logged in to post a comment.