I have been doing some research on this the past couple days and have yet to find a solution. I have seen suggestions that include the php Exec() function to call an outside application to handle this. I have been looking for a tutorial like this one for a PHP based site - http://securitythroughabsurdity.com/2007/04/implementing-smart-card-authentication.html. Any advice or guidance on this would be greatly appreciated.
Thanks, Jerry
Edit - I was checking this post out How to make php application to require smart card authentication but it does not pertain to my goal. Can the SSLVerifyClient require be used with a Smart Card?
We use smartcard solutions in Estonia a lot because of national ID support in many places. I think you look bit confused by something - you do not need exec(). What you need, is to configure your web server (IIS in this case) to request client for certificate. This has nothing to do with PHP. This can be done based on path, subdomain or like this and this can be optional or required. For example we often configure subdomain a la http://id.foobar to be accessible with ID only. Chipcard is just carrier for certificate and keys. Usually this is anyway "client based certificate" and google for it. It is possible to configure mandatory or optional client certificate requirement. Mandatory is safer because people without ID card have no chance to see anything on your server. But this has also downside - they also cannot see any error messages from you. We often use optional requirement. On PHP side you just receive some sort of environment variable. You need to check for his contents. You get what you search for by Googling for SSL_CLIENT_S_DN. This is the name of variable you get when using Apache web server. About IIS I know nothing but fundamentals are same, just variables and configuration options are named different.