I am trying to use certificate authentication with ASP.NET Core 3.1. I will be hosting WebAPI in IIS using inprocess model. I looked at the sample code from official docs and tried doing the POC.
https://docs.microsoft.com/en-us/aspnet/core/security/authentication/certauth?view=aspnetcore-3.1
But I am not able to test it out. I have tried it with default certificate as well as custom certificate. I have added the certificate to Personal store. Run netsh commands to add ssl binding using this certificate thumbprint. When I launch the app in debug mode, I can see the site being protected by the appropriate certificate.
However, if I add [Authorize] to individual controller action method or at Controller level, I get 403 error. But I dont see the validate certificate method being triggered. So unable to identify what is the root cause. Please let me know if anyone has a working sample that I could refer to.
Thanks!
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…