I am trying to use certificate authentication with ASP.NET Core 3.1. I will be hosting WebAPI in IIS using inprocess model. I looked at the sample code from official docs and tried doing the POC.
But I am not able to test it out. I have tried it with default certificate as well as custom certificate. I have added the certificate to Personal store. Run netsh commands to add ssl binding using this certificate thumbprint. When I launch the app in debug mode, I can see the site being protected by the appropriate certificate.
However, if I add [Authorize] to individual controller action method or at Controller level, I get 403 error. But I dont see the validate certificate method being triggered. So unable to identify what is the root cause. Please let me know if anyone has a working sample that I could refer to.