Hi Steve,
Thanks for the reply,
In the General Tab there is no error and it has the Text Under This
Certificate is Intended for the following purposes: "All application
policies"
On the Details Tab I didn't find any CRL Distribution Points. but there is a
Key Usage field which says "Digital Signature, Key Encipherment, Data
Encipherment (b0)"
--
Regards,
------
Asif Raza Ashraf
On Thu, Jul 17, 2008 at 3:17 PM, Steve Johnson <[EMAIL PROTECTED]> wrote:
> 1 - Is the issuer of the client cert trusted on the server?
> 2 - Is the CRL Distribution Point (CDP) accessible to the server?
>
> To test, export your client cert to a .cer file and copy it to the server.
> You can then double-click it and view the properties. Ensure no errors are
> indicated on the "General" tab. Then click the "Details" tab and scroll
> down and look at "CRL Distribution Points". Make sure you can access the
> primary CDP (The first location listed) from the server.
>
> --
> Steve Johnson
>
> On Thu, Jul 17, 2008 at 12:48 AM, Asif Raza Ashraf <[EMAIL PROTECTED]>
> wrote:
>
> > Hi, In one of my Asp.Net 2.0 application i have to retrieve the data from
> > other server which is using the SSL Client certificates to authenticate.
> >
> > to accomplish this i have used the HttpWebRequest and pass the SSL
> > Certificate to it, and it works fine while running the project from the
> > Visual Studio every thing works fine but when we deploy the site to the
> > IIS,
> > it starts giving the error and returns the *"The remote server returned
> an
> > error: (403) Forbidden.*"
> >
> > I have tried to deploy the application to both the IIS 6 and IIS 7 and
> the
> > behavior remains same, however the request logs an event in the System
> > Event
> > Log which is something like "The remote server has requested SSL client
> > authentication, but no suitable client certificate could be found. An
> > anonymous connection will be attempted. This SSL connection request may
> > succeed or fail, depending on the server's policy settings."
> >
> > Here is my code to create a request and pass that to the server.
> >
> > HttpWebRequest wr = (HttpWebRequest)WebRequest.Create(ServerURL);
> >
> > X509Certificate cert = new
> >
> >
> X509Certificate(HttpContext.Current.Server.MapPath("~/App_Data/CertName.p12"),
> > "Password");
> >
> > // Also Tried This but the Problem Remains Same
> >
> >
> >
> >
>
> //X509Certificate.CreateFromCertFile(HttpContext.Current.Server.MapPath("~/App_Data/CertName.cer"));
> >
> > wr.ClientCertificates.Add(cert);
> >
> > wr.Method = "POST";
> > wr.PreAuthenticate = true;
> > byte[] bytes = Encoding.UTF8.GetBytes(RequestData);
> > wr.ContentLength = bytes.Length;
> > using (Stream requestStream = wr.GetRequestStream())
> > {
> > requestStream.Write(bytes, 0, bytes.Length);
> > requestStream.Flush();
> > requestStream.Close();
> > }
> >
> > #region "getting request and processing it"
> > using (WebResponse wrp = wr.GetResponse())
> > {
> > // Code to process the response
> > }
> >
> > I have even used the <identity impersonate="true" userName="xxxx\xxxxx"
> > password="*******"/>
> >
> > and also have installed the certificate to the browser but all is in in
> > vain.
> >
> > Can any body please help me out on this.
> >
> > --
> > Regards,
> > ------
> > Asif Raza Ashraf
> >
> > ===================================
> > This list is hosted by DevelopMentor(R) http://www.develop.com
> >
> > View archives and manage your subscription(s) at
> > http://discuss.develop.com
> >
>
> ===================================
> This list is hosted by DevelopMentor(R) http://www.develop.com
>
> View archives and manage your subscription(s) at
> http://discuss.develop.com
>
===================================
This list is hosted by DevelopMentorĀ® http://www.develop.com
View archives and manage your subscription(s) at http://discuss.develop.com
