RE: HTTPS Send Port + Client Certificate Authentication

From: WenJun Zhang[msft] (v-wzhang_at_online.microsoft.com)
Date: 01/11/05


Date: Tue, 11 Jan 2005 01:34:59 GMT

Hi Doug,

To address the problem, you should first determine exactly which kind
of 403 error was returned by the remote web server. All the 403
errors defined in IIS are:

403 - Forbidden. IIS defines a number of different 403 errors that
indicate a more specific cause of the error:
 403.1 - Execute access forbidden.
 403.2 - Read access forbidden.
 403.3 - Write access forbidden.
 403.4 - SSL required.
 403.5 - SSL 128 required.
 403.6 - IP address rejected.
 403.7 - Client certificate required.
 403.8 - Site access denied.
 403.9 - Too many users.
 403.10 - Invalid configuration.
 403.11 - Password change.
 403.12 - Mapper denied access.
 403.13 - Client certificate revoked.
 403.14 - Directory listing denied.
 403.15 - Client Access Licenses exceeded.
 403.16 - Client certificate is untrusted or invalid.
 403.17 - Client certificate has expired or is not yet valid.
 403.18 - Cannot execute requested URL in the current application
pool. This error code is specific to IIS 6.0.
 403.19 - Cannot execute CGIs for the client in this application
pool. This error code is specific to IIS 6.0.
 403.20 - Passport logon failed. This error code is specific to IIS
6.0.

If the web server is IIS6 on Win2K3, you can collect the web site's
IIS log in the \Windows\System32\Logfiles\W3SVC[SiteID] directory. Search
for the request records from your BizTalk machine; the sc-status field is
the server return code, which should be 403, and the next field,
sc-substatus, is the required subcode.

Furthermore, I wonder, if you install the client certificate into your
correct logon account's Personal store and then access the web site
via IE, what will happen? Will it properly prompt you to select the
client certificate from the dialog?

Please let me know if you make any progress or have any findings.
Thanks.

Best regards,

WenJun Zhang
Microsoft Online Support
This posting is provided "AS IS" with no warranties, and confers no
rights.
Get Secure! - www.microsoft.com/security
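
The log search described in the post above, as an added example that is not part of the original message: it reads a W3C extended log, follows the `#Fields:` directive to locate `c-ip`, `sc-status` and `sc-substatus`, and maps each 403 sub-status to the meaning from the list above. The sample log lines, IP addresses and URI are constructed for illustration.

```python
# Sub-status meanings copied from the list in the post above.
SUBSTATUS = {
    1: "Execute access forbidden", 2: "Read access forbidden",
    3: "Write access forbidden", 4: "SSL required", 5: "SSL 128 required",
    6: "IP address rejected", 7: "Client certificate required",
    8: "Site access denied", 9: "Too many users", 10: "Invalid configuration",
    11: "Password change", 12: "Mapper denied access",
    13: "Client certificate revoked", 14: "Directory listing denied",
    15: "Client Access Licenses exceeded",
    16: "Client certificate is untrusted or invalid",
    17: "Client certificate has expired or is not yet valid",
    18: "Cannot execute requested URL in the current application pool",
    19: "Cannot execute CGIs for the client in this application pool",
    20: "Passport logon failed",
}

def forbidden_requests(lines, client_ip):
    """Yield (uri, substatus, meaning) for each 403 logged for client_ip."""
    fields = []
    for line in lines:
        line = line.strip()
        if line.startswith("#Fields:"):
            # The directive can reappear mid-file with a different field set.
            fields = line.split()[1:]
            continue
        if not line or line.startswith("#") or not fields:
            continue
        row = dict(zip(fields, line.split()))
        if row.get("c-ip") != client_ip or row.get("sc-status") != "403":
            continue
        sub = row.get("sc-substatus")  # None when the field is not logged
        code = int(sub) if sub and sub.isdigit() else None
        yield (row.get("cs-uri-stem"), code,
               SUBSTATUS.get(code, "unknown or not logged"))

# Constructed sample log; IPs, URI and status values are made up.
SAMPLE = """\
#Software: Microsoft Internet Information Services 6.0
#Fields: date time c-ip cs-method cs-uri-stem sc-status sc-substatus sc-win32-status
2005-01-10 09:14:02 192.0.2.10 POST /orders/receive.aspx 403 7 5
2005-01-10 09:14:05 192.0.2.99 GET /default.htm 200 0 0
2005-01-10 09:20:41 192.0.2.10 POST /orders/receive.aspx 403 16 2148204809
#Fields: date time c-ip cs-uri-stem sc-status
2005-01-10 10:02:11 192.0.2.10 /orders/receive.aspx 403
""".splitlines()

if __name__ == "__main__":
    for uri, code, meaning in forbidden_requests(SAMPLE, "192.0.2.10"):
        print(f"{uri}: 403.{code} {meaning}")
```

A result with a sub-status of `None` means the log section in effect at that point does not include `sc-substatus`, so the field has to be enabled in the site's logging properties before the subcode can be read.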


