Can't login to IIS website with Windows Authentication when using Proxied and Error 403

Hi,

I have a sub domain let’s say abc.mysite.com hosted on IIS version 10 configured to accepts only Windows Authentication.

When using non Proxied and other SSL certificates I am able to login with Windows Authentication.

The steps I’ve done are:

  1. At SSL/TLS → Origin Server I have create a new SSL Certificate and installed it on my IIS for my website.

  2. Authenticated Origin Pulls is set to True.

  3. Installed Cloudflare Origin RSA PEM on my Windows 2019 Server.

  4. encryption mode is set to Full.

  5. Edge Certificates → Always Use HTTPS is activated.

  6. Install IIS Client Certificate Mapping on my IIS.

  7. SSL Settings on my site is set to Require SSL and Client certificate is set to Require.

  8. Configuration Editor for the web site: enabled set to true and for oneToOneMappings → Add → Valid Windows Username/Password + Certificate below (the name of it is Cloudflare_CA.pem and I can’t remember from where I have download it).

-----BEGIN CERTIFICATE-----
MIIC6zCCAkygAwIBAgIUI7b68p0pPrCBoW4ptlyvVcPItscwCgYIKoZIzj0EAwQw
gY0xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1T
YW4gRnJhbmNpc2NvMRgwFgYDVQQKEw9DbG91ZGZsYXJlLCBJbmMxNzA1BgNVBAMT
LkNsb3VkZmxhcmUgZm9yIFRlYW1zIEVDQyBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkw
HhcNMjAwMjA0MTYwNTAwWhcNMjUwMjAyMTYwNTAwWjCBjTELMAkGA1UEBhMCVVMx
EzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xGDAW
BgNVBAoTD0Nsb3VkZmxhcmUsIEluYzE3MDUGA1UEAxMuQ2xvdWRmbGFyZSBmb3Ig
VGVhbXMgRUNDIENlcnRpZmljYXRlIEF1dGhvcml0eTCBmzAQBgcqhkjOPQIBBgUr
gQQAIwOBhgAEAVdXsX8tpA9NAQeEQalvUIcVaFNDvGsR69ysZxOraRWNGHLfq1mi
P6o3wtmtx/C2OXG01Cw7UFJbKl5MEDxnT2KoAdFSynSJOF2NDoe5LoZHbUW+yR3X
FDl+MF6JzZ590VLGo6dPBf06UsXbH7PvHH2XKtFt8bBXVNMa5a21RdmpD0Pho0Uw
QzAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBAjAdBgNVHQ4EFgQU
YBcQng1AEMMNteuRDAMG0/vgFe0wCgYIKoZIzj0EAwQDgYwAMIGIAkIBQU5OTA2h
YqmFk8paan5ezHVLcmcucsfYw4L/wmeEjCkczRmCVNm6L86LjhWU0v0wER0e+lHO
3efvjbsu8gIGSagCQgEBnyYMP9gwg8l96QnQ1khFA1ljFlnqc2XgJHDSaAJC0gdz
+NV3JMeWaD2Rb32jc9r6/a7xY0u0ByqxBQ1OQ0dt7A==
-----END CERTIFICATE-----

Thanks in Advanced for any help,
AG

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.