I am trying to configure AOP on a test site and wondering where this is going wrong…
- Added iisClientCertificateMappingAuthentication role to IIS 8
- Disabled all Authentication forms, except for Windows Auythentication
- Changed SSL Settings to Require SSL | Require Client Certificate
- Added Cloudflare Certificate from https://support.cloudflare.com/hc/en-us/articles/204899617 to the Trusted Root Certificate Authorities showing as “origin-pull.cloudflare.net”
5.Open IIS Manager, go to site, open Configuration Editor and navigate to system.webServer/security/authentication/iisClientCertificateMappingAuthentication
At this point I tried to add a Many-to-one relationship but whatever I do my site returns 403.
Are there some specific instructions on how create the relationship, identify the certificate, etc?
The blog post https://blog.cloudflare.com/protecting-the-origin-with-tls-authenticated-origin-pulls/ mentioned instructions would be added but there’s nothing for IIS there.