![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(54.400000000000006, 91%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EPM%3C/text%3E%3C/svg%3E)
Internet Information Services
Microsoft web server software.
1,578 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(80, 82%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBZ%3C/text%3E%3C/svg%3E)
Hi @Piyush Meshram ,
TLS(MTLS) and Authentication are not same thing. TLS occurs in the process of establishing a connection between the client and the server. Because before the connection is established, the two will exchange data and keys with each other. Then calculate to determine whether the other party is safe. This process is called a TLS handshake.
The Authentication in IIS, such as anonymous authentication, Windows authentication. All are based on successfully establishing a connection between the client and the server, and then verify the user's identity. Not the client.
So if the client cannot provide a certificate, it cannot establish a connection with the server during the TLS handshake.
- The client device cannot connect to the server, and the user cannot access the sites.
- Similarly, IIS's denial and permission of IP also need to be based on the connection.
If the answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Best regards,
Bruce Zhang