Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Web Services > Client Certificates: The request failed with HTTP status 403: Forbidden.

Reply
Thread Tools

Client Certificates: The request failed with HTTP status 403: Forbidden.

 
 
karlag92
Guest
Posts: n/a
 
      06-26-2007
Using C# .Net V 1.1.4322, I am attempting to call some web services
that will ONLY be consumed by our Winforms client application.

I have my web service security working from the browser by following
instructions from good resources like this:
http://www.windowsecurity.com/articl...tion-IIS6.html

I cannot successfully call the same web service from my C#
application.

I am attempting to embed my client certificate in the code so that
only my software will have the certificate. I have done this by
adding the CA cert file to the project and tagging it as an embedded
resource. I then have this method:

private static X509Certificate wsCertificate;

private static X509Certificate GetCertificate()
{
if(wsCertificate != null)
{
return wsCertificate;
}

Assembly a = Assembly.GetExecutingAssembly();
byte[] certBytes = null;

using(Stream certStream =
a.GetManifestResourceStream("DataAccess.PostinkCli ent.cer"))
{
certBytes = new byte[certStream.Length];

certStream.Read(certBytes, 0, Convert.ToInt32(certStream.Length));
}

wsCertificate = new X509Certificate(certBytes);

return wsCertificate;
}

This method gets called during configuration of my web service:

ws.ClientCertificates.Add(GetCertificate());

The resulting error is as follows:

The request failed with HTTP status 403: Forbidden.

Since the I can call this from the browser, I assume my server config
is ok. It has to something with how I'm dealing with the certificate
in the code.

Does anyone have any ideas? Keep in mind that I would really like for
my application to handle this seamlessly as I deploy without having to
install certificates on each machine it will be running on.

Or is there a much better way??????

Thanks in advance for any help or advice you can provide.

Karl

 
Reply With Quote
 
 
 
 
John Saunders [MVP]
Guest
Posts: n/a
 
      06-26-2007
"karlag92" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed) ups.com...
....
> Since the I can call this from the browser, I assume my server config
> is ok. It has to something with how I'm dealing with the certificate
> in the code.


It may have _something_ to do with you are dealing with the certificate, but
it may not be what you think. The way to find out is to use a network
monitor of some kind to find out what's happening on the wire.

Also, please tell us how you have configured IIS and ASP.NET as far as
handling certificates. I would want to be certain of whether it is IIS that
is giving you this error, or ASP.NET.

Have you looked at the certificate that is retrieved by your GetCertificate
call? Are you sure that it's valid and that it's identical to the
certificate being used from the browser?

Is it possible that the certificate isn't what's being used from the
browser, but instead your Windows credentials?
--
John Saunders [MVP]

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Problem with ReportingService.Credentials - Syste.Net.WebException - "The request failed with HTTP status 401: Unauthorized." Shree ASP .Net 0 09-02-2006 07:33 PM
The request failed with HTTP status 401: Unauthorized ad ASP .Net 2 02-18-2006 12:11 AM
The request failed with HTTP status 401: Unauthorized ad ASP .Net 0 02-17-2006 06:14 AM
The request failed with HTTP status 502: Bad Gateway muradmeghani@gmail.com ASP .Net 1 02-06-2006 10:56 PM
The request failed with HTTP status 401: Unauthorized Sachin ASP .Net 2 11-04-2005 09:15 PM



Advertisments