Re: Certificate Services//InfoPath Form

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

I figured I would defer to those with more experience, but seing as
nobody has responded,
I can provide some limited insight (not a guru by any stretch).

You are right that you need a certificate to access local client
resources, your application
must be "trusted" which involves some settings in the Infopath form
and a certificate (and MAY
require some settings in the WebConfig, but not sure on that one).

You do not have to issue client certificates as far as I know, that is
an additional
way to secure your application so that only the people you want to
access the app
will have the appropriate certificate. For internal use, you could use
a local CA.
You users will get a message everytme they open the form unless they
"install" or
trust the certificate (various ways to do that), you could google for
detailed instructions.

Again, not a guru, but I hope this helps.

On May 10, 6:48 pm, JohnJohn <JohnJ...@xxxxxxxxxxxxxxxxxxxxxxxxx>
wrote:
I have created a SharePoint 3.0 site for a company's intranet on a Windows
Server 2003 server.  There is a document library with a custom workflow that
uses an InfoPath 2007 form for collecting data that is submitted to a
database.

There is some very simple custom code inside the InfoPath form that executes
on the client computers.  Evidently, I HAVE to install Certificate Services
on the server and issue a digial certificate for this form for each client
computer in order for this form to run.  I know next to nothing about
Certificate Services.

I want to make this as unobtrusive as possible.  From the limited research
I've done, it LOOKS like I just need to install a Standalone Certificate
Authority and use that to issue digital certificates for the form.

Does this sound correct to anyone here?  Are there any other considerations?
 This is for a very small company (there will be about 13 users of this
site/InfoPath form) - they are running Windows Small Business Server 2003.

I'm just looking for guidance, or confirmation that I'm on the right path.

Need any more info?  Let me know.

Thank you,
John

.

Relevant Pages

  • Re: Need for encryption in WSE 3.0 if using SS-avoid man-in-middle
    ... SSL only validates you are talking to a SSL certified server; ... They can simply edit the URL the client program ... can be done by using a X.509 certificate on both ends, ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: LDP client authentication fails
    ... I got the LDP working with LDAP server under server client authentication ... I did not installed the certificate in pfx format .. ... Client cert auth won't work without that. ...
    (microsoft.public.windows.server.active_directory)
  • Re: SSL & Man In the Middle Attack
    ... >> it possible for the middle man to intercept all messages from server to me ... > server sends client a signed message along with a digital certificate. ... > client generates a random secret key, ...
    (comp.security.misc)
  • Re: activesync issue
    ... On the SBS 2003 Server open the Server Management console. ... On the "Web Server Certificate" page, choose to create a new Web server ... Install the new certificate which created in above step on mobile device: ... Access to browse the Exchange Server 2003 client after you install ...
    (microsoft.public.windows.server.sbs)
  • Re: Need for encryption in WSE 3.0 if using SS-avoid man-in-middle
    ... order to detect we are connected to the wrong server (even though its SSL ... certificate is OK and valid by Verisign); we would need a client certificate. ... this can be detected by SSL/HTTPS client in ...
    (microsoft.public.dotnet.framework.aspnet.security)