Securing asp.net mvc area with client certificate

StackOverflow https://stackoverflow.com/questions/17056653

Question

I have some troubles with configuring requesting for client certificate to protect mvc area. I can easily configure this for whole application, but is it possible to do this only for one area (admin for example) ?

Was it helpful?

Solution

So, the easiest way to achieve this, is to create a folder named as your area and set required SSL settings on this folder using IIS Manager. Then you can delete this folder. IIS Manager will set required settings in applicationHost.config file. Or you can manually edit applicationHost.config.

Here is the applicationHost.config manual.

OTHER TIPS

You can add SSL requirements to specific controllers by adding [RequireHttps] at the top of the controller like so:

using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using System.Net.Http;
using System.Dynamic;

namespace com.yourdomain.Controllers
{
    [RequireHttps]
    public class SomeController: Controller
    {
       //some logic here
    }

}

In your case this would be something like your admin controller

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top