1 - Is the issuer of the client cert trusted on the server?
2 - Is the CRL Distribution Point (CDP) accessible to the server?
To test, export your client cert to a .cer file and copy it to the server.
You can then double-click it and view the properties. Ensure no errors are
indicated on the "General" tab. Then click the "Details" tab and scroll
down and look at "CRL Distribution Points". Make sure you can access the
primary CDP (The first location listed) from the server.
--
Steve Johnson
On Thu, Jul 17, 2008 at 12:48 AM, Asif Raza Ashraf <[EMAIL PROTECTED]>
wrote:
> Hi, In one of my Asp.Net 2.0 application i have to retrieve the data from
> other server which is using the SSL Client certificates to authenticate.
>
> to accomplish this i have used the HttpWebRequest and pass the SSL
> Certificate to it, and it works fine while running the project from the
> Visual Studio every thing works fine but when we deploy the site to the
> IIS,
> it starts giving the error and returns the *"The remote server returned an
> error: (403) Forbidden.*"
>
> I have tried to deploy the application to both the IIS 6 and IIS 7 and the
> behavior remains same, however the request logs an event in the System
> Event
> Log which is something like "The remote server has requested SSL client
> authentication, but no suitable client certificate could be found. An
> anonymous connection will be attempted. This SSL connection request may
> succeed or fail, depending on the server's policy settings."
>
> Here is my code to create a request and pass that to the server.
>
> HttpWebRequest wr = (HttpWebRequest)WebRequest.Create(ServerURL);
>
> X509Certificate cert = new
>
> X509Certificate(HttpContext.Current.Server.MapPath("~/App_Data/CertName.p12"),
> "Password");
>
> // Also Tried This but the Problem Remains Same
>
>
>
>
> //X509Certificate.CreateFromCertFile(HttpContext.Current.Server.MapPath("~/App_Data/CertName.cer"));
>
> wr.ClientCertificates.Add(cert);
>
> wr.Method = "POST";
> wr.PreAuthenticate = true;
> byte[] bytes = Encoding.UTF8.GetBytes(RequestData);
> wr.ContentLength = bytes.Length;
> using (Stream requestStream = wr.GetRequestStream())
> {
> requestStream.Write(bytes, 0, bytes.Length);
> requestStream.Flush();
> requestStream.Close();
> }
>
> #region "getting request and processing it"
> using (WebResponse wrp = wr.GetResponse())
> {
> // Code to process the response
> }
>
> I have even used the <identity impersonate="true" userName="xxxx\xxxxx"
> password="*******"/>
>
> and also have installed the certificate to the browser but all is in in
> vain.
>
> Can any body please help me out on this.
>
> --
> Regards,
> ------
> Asif Raza Ashraf
>
> ===================================
> This list is hosted by DevelopMentor(R) http://www.develop.com
>
> View archives and manage your subscription(s) at
> http://discuss.develop.com
>
===================================
This list is hosted by DevelopMentorĀ® http://www.develop.com
View archives and manage your subscription(s) at http://discuss.develop.com
