Website configured for MTLS authentication with Self Signed Certificates; is it possible to enable IPSecurity authentication, Allowing a particular IPAddress access to the website even if MTLS fails or the user does not have a client certificate?
In general, MTLS authentication fails when a user does not have a valid client certificate. But a user wants to access the website even if that user fails to provide a valid client certificate for authentication.
So questions:
Is there another way to allow a user to access the IIS hosted website if MTLS fails?
There are many types of authentication supported in IIS (Digest, Basic, IISClientCertMapping etc. ); Can a website develop in ASP.NET hosted in IIS use these auth types in combination?
If any code changes are required or only with the IIS configurations? (Note there are some paths in ASP.Net application decorated with "Anonymous" access)
Is it possible to use IISClientCertMapping with IPSecurity? (please mention what other options/IIS configurations are needed to be tweaked as well)
