SSLAlwaysNegoClientCert Metabase Property

Applies To: Windows Server 2003, Windows Server 2003 with SP1

The SSLAlwaysNegoClientCert property controls SSL client connection negotiations. If this property is set to true, any time SSL connections are negotiated, the server will immediately negotiate a client certificate, preventing an expensive renegotiation. Setting SSLAlwaysNegoClientCert also helps eliminate client certificate renegotiation deadlocks, which may occur when a client is blocked on sending a large request body when a renegotiation request is received.

Attribute Name Attribute Value

XML Data Type

BOOL

WMI Data Type

BOOL

ADSI Data Type

BOOL

ABO Data Type

BOOL

ABO Metabase Identifier

MD_SSL_ALWAYS_NEGO_CLIENT_CERT

Attributes

INHERIT

Default Value

FALSE

MetaFlagsEx

CACHE_PROPERTY_MODIFIED

User Type

IIS_MD_UT_SERVER

ID

5521

Configurable Locations

You can configure this property at the following locations in the IIS metabase.

Metabase Path IIS Admin Object Type

/LM/W3SVC/n

IIsWebServer

/LM/W3SVC

IIsWebService

Code Example

For general code examples, see Code Examples to Configure Metabase Properties.