472,117 Members | 2,271 Online
Bytes | Software Development & Data Engineering Community
Post +

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 472,117 software developers and data experts.

403: Access Forbidden


i am working on my first web service project. i am writing a webpage
that consumes a ws from one of our partners, so i do not have access to
the ws code itself. this partner uses certificates for security. the
steps they gave me to access it are:
1) run wsdl.exe on the "webservice.wsdl" given to me
2) compile the resulting .CS proxy class into a .DLL assembly
3) add this to my project's References section

4) install the .PFX certificate given to me by double-clicking it,
input password
5) go into IE (or Control Panels -> Internet Options) and go to Content
tab, Certificates...
6) click on the newly installed cert and Export, doing so as a DER
X.509 ".CER" file
7) do the following in my app code:

//load up the .cer
X509Certificate cert =
X509Certificate.CreateFromCertFile(@"c:\temp\test. cer");

//attach the cert to my proxy class ws object

//app authentication for proxy object
ws.Credentials = new NetworkCredential("[name]", "[password]");

//use webservice
bool result = ws.ValidateCustomer(customerID);

....however, when i run any of the ws methods, i get a 403 error:

The request failed with HTTP status 403: Access Forbidden.

....according to my IT contact at the partner, he said their logs report
i am failing at the web server level, and am not even reaching the
application's authentication (the NetworkCredential entry). he
indicated this is due to a problem w/ my certificate.

he also said other clients are using it, and provided me w/ a secure
test-form URL that uses the service. i am able to access the URL on
their secure site, so i know it works and apparently my certificate
works (IE asks me if i want to use the installed cert, i say Yes, i get
in and can run the form).
now i am stuck. i have granted ASPNET access to the .cer file, nothing.
have also farted around with the WinHttpCertCfg command line util,

winhttpcertcfg -i webservice.pfx -p [password] -c LOCAL_MACHINE\my -a

....which i see puts in entries to "C:\Documents and Settings\All
Users\Application Data\Microsoft\Crypto\RSA\MachineKeys". no use.
obviously, im not a certificate expert. any help would be

Nov 23 '05 #1
2 5984
i am now able to successfully run the costco webservice in my C#
ASP.NET test project. there were two changes i made on my end:

1) installed .NET Framework 1.1's service pack (the 1.1 release has
it's own SP1), which cites updates to webservices, security, and
certificates. this did not immediately fix my problem... so it may not
be related.

2) added the Certifcates snap-in for the MMC windows management
utility, and using it to delete my certs, re-add the .PFX into the
"Personal" store, then exporting it to a .CER all w/ the MMC snap-in
(and not using Control Panels -> Internet Settings or IE).

works. but i should really test further to establish which of the two
fixed it... im leaning towards #2.. i read in some other places people
said it was better to let MMC manage the store settings set it properly
sets rights.

but who knows, maybe it was both. if i have time ill test it on another

Nov 23 '05 #2
tested on another machine -- it was using MMC.

the other machine did not have 1.1 SP1 installed, had the same problem
as my machine when installing the certificate just by double-clicking
the .PFX. however, after using MMC's snap-in, importing the .PFX, then
exporting the .CER, i had no trouble.

Nov 23 '05 #3

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

reply views Thread by Oleg Konovalov | last post: by
reply views Thread by Layne L via DotNetMonster.com | last post: by
3 posts views Thread by Shamresh | last post: by
reply views Thread by leo001 | last post: by

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.