add element for rules for manyToOneMappings for iisClientCertificateMappingAuthentication [IIS Settings Schema]

  • Article

Note

For more information about the add element, see the following topic on the Microsoft IIS.net Web site: Adding Many-To-One Mappings Rules <add>.

Specifies the rule attributes that client certificates must match to be authenticated.

Syntax

Attributes and Elements

The following sections describe attributes, child elements, and parent elements for this section.

Attributes

Attribute

Description

certificateField

Required enum attribute.

The certificateField attribute can be one of the following possible values.

ValueDescription
IssuerSpecifies the issuer of the certificate. The numeric value is 2.
SubjectSpecifies the subject of the certificate. The numeric value is 1.

certificateSubField

Required string attribute.

Specifies any of the standard fields on the certificate.

compareCaseSensitive

Optional Boolean attribute.

Specifies whether to compare values using case sensitive evaluations.

The default value is true.

matchCriteria

Required string attribute.

Specifies the data that should be compared to determine a matching certificate.

Child Elements

None.

Parent Elements

Element

Description

Configuration

Specifies the root element in every configuration file that is used by IIS 7.

system.webServer

Specifies the top-level section group (in ApplicationHost.config) in which this element is defined.

Security

Specifies the section group that contains security-related sections.

Authentication

Specifies the section group that contains authentication sections.

iisClientCertificateMappingAuthentication

Specifies the settings client certificate mapping authentication using IIS.

manyToOneMappings

Maps client certificates containing wildcard criteria to a user account for authentication.

Add

Adds many-to-one client certificate mappings. These mappings allow many clients to use one certificate.

Rules

Specifies criteria for mapping client certificates with IIS so that many clients can use one certificate.

Remarks

For more information about the add element, see the following topic on the Microsoft IIS.net Web site: Adding Many-To-One Mappings Rules <add>.

The client certificate used for authentication must be from a certificate authority that the server trusts.

Element Information

Configuration locations

Machine.config

ApplicationHost.config

Root application Web.config

Application Web.config

Directory Web.config

Requirements

Microsoft Internet Information Services (IIS) version 7.0