Before anyone gets confused, this is for IIS Express, not IIS.
We have an MVC5 app that requires SSL Client Certificate authentication. In development, this runs within the Azure Emulator, in VS2013 which runs under Admin privileges (for port 80/443).
When we launch the App inside VS2013 (F5) it runs it within the Azure Emulator but it immediately throws an HTTP Error 500.19 - Internal Server Error with details
This configuration section cannot be used at this path. This happens when the section is locked at a parent level. Locking is either by default (overrideModeDefault="Deny"), or set explicitly by a location tag with overrideMode="Deny" or the legacy allowOverride="false".
And the config source is our MVC5 app's web.config, at the following line:
<security>
<access sslFlags="SslNegotiateCert" />
</security>
Interestingly, I have already setup the c:\users\<my_username>\Documents\IISExpress\Config\applicationhost.config
to have
<section name="access" overrideModeDefault="Allow" />
There isn't much documentation on this but whatever we can glean off Google indicates that for regular IIS Express, that should be sufficient. I suspect running IIS Express within the Azure Emulator+Admin privileges breaks something but can't diagnose this.
Does anyone have an idea how to get this working?