Client Certificates on Windows
When you run on Windows a mapping which requires client certificates, the conditions to run the mapping successfully are as follows:
•The client certificate must exist in the Current User\Personal certificate store (also referred to as the My store). For the certificate to exist in this store, it must be imported through the Certificate Import Wizard. For instructions, see https://technet.microsoft.com/en-us/library/cc754489(v=ws.11).aspx.
•The certificate must have a private key.
•The Enhanced Key Usage property of the certificate must include "Client authentication" as purpose.
In the current version of MapForce, due to a limitation of the library used by MapForce, Windows will select the required certificate automatically from the certificate store when you run the mapping. The mapping will execute successfully if, after filtering the Current User\Personal certificate store, the server finds a suitable certificate. Note that the HTTPS authentication (and the certificate selection operation) is managed by Windows and is not controlled by MapForce or MapForce Server. In some cases, if multiple certificates exist in the Current User\Personal store, an unsuitable certificate may be selected automatically by the operating system, which causes the mapping execution to fail. This situation can be avoided by limiting the number of certificates available in the Current User\Personal store.