Mapping Certificates
Note
The information in this topic is valid only for servers that require client authentication.
When a server application requires client authentication, Schannel automatically attempts to map the certificate supplied by the client to a user account.
After the security context has been established, the server application can use the QuerySecurityContextToken function to obtain an access token for the user account to which the client certificate was mapped. Also, the server can use the ImpersonateSecurityContext function to impersonate the client.
For more information on authentication, see Performing Authentication Using Schannel.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for