add Element for manyToOneMappings for iisClientCertificateMappingAuthentication [IIS Settings Schema]

  • Article

Note

For more information about the add element, see the following topic on the Microsoft IIS.net Web site: Adding Many-To-One Mappings <add>.

Adds many-to-one client certificate mappings. These mappings allow many clients to use one certificate.

Syntax

Attributes and Elements

The following sections describe attributes, child elements, and parent elements for this section.

Attributes

Attribute

Description

description

Optional string attribute.

Specifies the description of this one-to-many mapping.

enabled

Optional Boolean attribute.

Specifies whether this one-to-many mapping is enabled or not. True enables; false disables.

The default value is true.

name

Required string attribute.

Specifies the name of this one-to-many mapping.

password

Optional string attribute.

Specifies the password of the account used to authenticate clients that match this rule.

Note

To avoid storing unencrypted password strings in configuration files, always use Appcmd.exe or IIS Manager to enter passwords. If you use these management tools, the password strings will be encrypted automatically before they are written to the XML configuration files. This provides better password security than storing unencrypted passwords.

permissionMode

Optional enum attribute.

The permissionMode attribute can be one of the following possible values. The default is Allow.

ValueDescription
AllowSpecifies that clients with a matching client certificate should be allowed permission to authenticate. The numeric value is 1.
DenySpecifies that clients with a matching client certificate should be denied permission to authenticate. The numeric value is 2.

username

Optional string attribute.

Specifies the username of the account used to authenticate clients that match this rule.

Child Elements

Element

Description

rules

Optional element.

Specifies criteria for mapping client certificates with IIS so that many clients can use one certificate.

Parent Elements

Element

Description

configuration

Specifies the root element in every configuration file that is used by IIS 7.

system.webServer

Specifies the top-level section group (in ApplicationHost.config) in which this element is defined.

security

Specifies the section group that contains security-related sections.

authentication

Specifies the section group that contains authentication sections.

iisClientCertificateMappingAuthentication

Specifies the settings client certificate mapping authentication using IIS.

manyToOneMappings

Maps client certificates containing wildcard criteria to a user account for authentication.

Remarks

For more information about the add element, see the following topic on the Microsoft IIS.net Web site: Adding Many-To-One Mappings <add>.

Element Information

Configuration locations

Machine.config

ApplicationHost.config

Root application Web.config

Application Web.config

Directory Web.config

Requirements

Microsoft Internet Information Services (IIS) version 7.0

See Also

Reference

rules Element for add Element for manyToOneMapppings for iisClientCertificateMappingAuthentication [IIS Settings Schema]