By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
444,017 Members | 1,158 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 444,017 IT Pros & Developers. It's quick & easy.

getting 403: forbidden when attempt to access SSL secured webservice

P: n/a
Hi,

I have an ASP.net page, written in VB.net. In that code I want to access a
validator web services that is secured via SSL. I have installed the
certificate, via a .pfx file, on the system. I can browse to the service
and appear to be getting through However, from my server page I cannot
access the web service. The call to the service generates the exception
"Request failed with HTTP status 403: Forbidden".

I had previously received this error when I attempted to access the service
via IE. But specifying the appropriate Client Certificate when asked seemed
to fix the problem. I read that I need to do something similar in code so I
implemented the ICertificatePolicy class's member CheckValidationResult()
returning true. The code I use to do this is:

Public Class NetPolicy implements ICertificatePolicy

Public Function CheckValidationResult (....) as boolean
Return True
End Function

End Class

The code that calls the webservice ValidateWS() is:

Function Validate(id as integer) as boolean

dim result as boolean

System.Net.ServicePointManager.CertificatePolicy = new NetPolicy
result =WebServer.ValidateWS(id) ' this is where the exception is
generated
return result

End function
Any thoughts or pointers?

Thanks,

Jerry
Nov 23 '05 #1
Share this Question
Share on Google+
3 Replies


P: n/a
BTW, the error is also generated on a VB.net winform app.
"JerryK" <je****@nospam.com> wrote in message
news:OM**************@TK2MSFTNGP15.phx.gbl...
Hi,

I have an ASP.net page, written in VB.net. In that code I want to access
a validator web services that is secured via SSL. I have installed the
certificate, via a .pfx file, on the system. I can browse to the service
and appear to be getting through However, from my server page I cannot
access the web service. The call to the service generates the exception
"Request failed with HTTP status 403: Forbidden".

I had previously received this error when I attempted to access the
service via IE. But specifying the appropriate Client Certificate when
asked seemed to fix the problem. I read that I need to do something
similar in code so I implemented the ICertificatePolicy class's member
CheckValidationResult() returning true. The code I use to do this is:

Public Class NetPolicy implements ICertificatePolicy

Public Function CheckValidationResult (....) as boolean
Return True
End Function

End Class

The code that calls the webservice ValidateWS() is:

Function Validate(id as integer) as boolean

dim result as boolean

System.Net.ServicePointManager.CertificatePolicy = new NetPolicy
result =WebServer.ValidateWS(id) ' this is where the exception is
generated
return result

End function
Any thoughts or pointers?

Thanks,

Jerry

Nov 23 '05 #2

P: n/a
You need to export the certficate (without private key) from IE into a .cer
file.

Then you need to open MMC, add the certificates Snap-In and import the certificate
into the trusted root authorities. (also known as the machine store)

Finally, you need to attach the certificate to the request

serviceProxy.ClientCertificates.Add(System.Securit y.Cryptography.X509Certificates.X509Certificate.Cr eateFromCertFile("c:\\yourCert.cer");

-Trevor
Hello JerryK,
BTW, the error is also generated on a VB.net winform app.

"JerryK" <je****@nospam.com> wrote in message
news:OM**************@TK2MSFTNGP15.phx.gbl...
Hi,

I have an ASP.net page, written in VB.net. In that code I want to
access a validator web services that is secured via SSL. I have
installed the certificate, via a .pfx file, on the system. I can
browse to the service and appear to be getting through However, from
my server page I cannot access the web service. The call to the
service generates the exception "Request failed with HTTP status 403:
Forbidden".

I had previously received this error when I attempted to access the
service via IE. But specifying the appropriate Client Certificate
when asked seemed to fix the problem. I read that I need to do
something similar in code so I implemented the ICertificatePolicy
class's member CheckValidationResult() returning true. The code I
use to do this is:

Public Class NetPolicy implements ICertificatePolicy

Public Function CheckValidationResult (....) as boolean
Return True
End Function
End Class

The code that calls the webservice ValidateWS() is:

Function Validate(id as integer) as boolean

dim result as boolean

System.Net.ServicePointManager.CertificatePolicy = new NetPolicy
result =WebServer.ValidateWS(id) ' this is where the exception is
generated
return result
End function

Any thoughts or pointers?

Thanks,

Jerry


Nov 23 '05 #3

P: n/a
Trevor,

Thanks for the reply.

I added the code that adds the certificates to the clientCertificate
collection and that seems to work for the WinForm version. It did not
however, effect the ASP.Net version.

I did as you suggested added the certificates using the MMC. When I
launched the snap in it came up with a dialog that Says, this snap in will
always manage certificates for: My user account, Service Account, or
Computer account. I added the snap in 3 times, once for My User Account,
Computer Account, and Service Account. For the Service Account is asked me
the service name, and I selected the Machine Debugger Account.

I do not have a single certificate but rather three certificates that are
designed to be in 3 different stores. At least that is what the guy who
gave them to me said. We have a root certificate, that resides in the
Trusted Root Certificate Authority. Then there is a intermediate
certificate that resides in the Intermediate Certificate Authorities.
Finally there is a Personal Certificate that resides in the Personal
Certificate Authority. The Personal Certificate's path points to the
Intermediate Certificate, which in turn points to the Root Certificate.

I placed each of these certificates in the appropriate stores for the User,
Service, and Computer accounts. However, I am still generating the 403:
Forbidden error from the asp.net page. I thought this might be an account
issue, but I do have impressionation enabled and am using the administrator
account, which works with the WinForms version.

Any thoughts?

jerrry
"Trevor Pinkney" <tp******@cyence.com> wrote in message
news:43********************@news.microsoft.com...
You need to export the certficate (without private key) from IE into a
.cer file.

Then you need to open MMC, add the certificates Snap-In and import the
certificate into the trusted root authorities. (also known as the machine
store)

Finally, you need to attach the certificate to the request

serviceProxy.ClientCertificates.Add(System.Securit y.Cryptography.X509Certificates.X509Certificate.Cr eateFromCertFile("c:\\yourCert.cer");

-Trevor
Hello JerryK,
BTW, the error is also generated on a VB.net winform app.

"JerryK" <je****@nospam.com> wrote in message
news:OM**************@TK2MSFTNGP15.phx.gbl...
Hi,

I have an ASP.net page, written in VB.net. In that code I want to
access a validator web services that is secured via SSL. I have
installed the certificate, via a .pfx file, on the system. I can
browse to the service and appear to be getting through However, from
my server page I cannot access the web service. The call to the
service generates the exception "Request failed with HTTP status 403:
Forbidden".

I had previously received this error when I attempted to access the
service via IE. But specifying the appropriate Client Certificate
when asked seemed to fix the problem. I read that I need to do
something similar in code so I implemented the ICertificatePolicy
class's member CheckValidationResult() returning true. The code I
use to do this is:

Public Class NetPolicy implements ICertificatePolicy

Public Function CheckValidationResult (....) as boolean
Return True
End Function
End Class

The code that calls the webservice ValidateWS() is:

Function Validate(id as integer) as boolean

dim result as boolean

System.Net.ServicePointManager.CertificatePolicy = new NetPolicy
result =WebServer.ValidateWS(id) ' this is where the exception is
generated
return result
End function

Any thoughts or pointers?

Thanks,

Jerry


Nov 23 '05 #4

This discussion thread is closed

Replies have been disabled for this discussion.