Re: X.509 certificates and HTTPwebrequest

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

Did u send client certificate manually ?
Did u set credentials ?

--

Thanks,
Yunus Emre ALPÖZEN
BSc, MCAD.NET

"Deepak" <Deepak@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:5CC894A3-AA65-4FC8-8C55-FB8774F5BF7B@xxxxxxxxxxxxxxxx
> We retrieve data from a company called XYZ through httpwebrequest.
> The program is coded using VB.NET
> They have given a certificate to install.
> This certificate is included with the request object.I use httpwebrequest
> to
> retrieve data. The certificate is added to the client certificates
> collection.
>
>
> When this component is called from a windows application, I can retrieve
> the
> data.
> When this component is called from a web page, I get the following error
> The remote server returned an error 403 forbidden.
> we have no special setting in machine.config for the section processmodel.
> The aspnet process is running under the username aspnet.
> if I deploy my component in COM+, it runs successfully.
> we feel it is because of permission issue for the user ASPNET .
> I have used winhttpcertcfg tool from microsoft to give access to the
> private
> key for the user ASPNET.
> The certificate is installed under local machine account in the folder
> Personals(LOCAL_MACHINE\MY).
> I have no success even after utilizing winhttpcertcfg . I feel that the
> httpwebrequest is somehow not passing the client certificate.
> to the server. I donot want to put this component in COM+ or make any
> changes to Processmodel section of machine.config files.
> I have given permission to the key under C:\Document and
> Settings\Allusers\applicationd­ata\microsoft\Crypto\RSA\Machi­neKeys for
> the
> user ASPNET.
> I have had no success even after doing all these steps.
> I have tried using LogOnuser API to change the security context but still
> I
> had problems.
> In .net framework V1.1, to successfully run LogOnuser API, we have to make
> the user ASPNET to act as part of the operating system. This results to
> giving high privilege account to the user ASPNET which is against our
> security policy.
> Environment: windows 2000
> .Net framework Version 1.1
> IIS 5.0
> Programming Language used is VB.NET
>
>
> give me some insights into the issue
>
>
>


.

Relevant Pages

  • X.509 certificates asp.net
    ... We retrieve data from a company called XYZ through httpwebrequest. ... They have given a certificate to install. ... we feel it is because of permission issue for the user ASPNET. ...
    (microsoft.public.platformsdk.security)
  • X.509 certificates and httpwebrequest
    ... We retrieve data from a company called XYZ through httpwebrequest. ... They have given a certificate to install. ... we feel it is because of permission issue for the user ASPNET. ...
    (microsoft.public.dotnet.security)
  • Re: X.509 certificates and httpwebrequest
    ... > We retrieve data from a company called XYZ through httpwebrequest. ... > They have given a certificate to install. ... > we feel it is because of permission issue for the user ASPNET. ... > I have no success even after utilizing winhttpcertcfg. ...
    (microsoft.public.dotnet.security)
  • Re: X.509 certificates and httpwebrequest
    ... Also see alternate posting to this group on client certificates in last few days. ... > We retrieve data from a company called XYZ through httpwebrequest. ... > They have given a certificate to install. ... > we feel it is because of permission issue for the user ASPNET. ...
    (microsoft.public.dotnet.security)
  • Re: X.509 certificates and httpwebrequest
    ... >> We retrieve data from a company called XYZ through httpwebrequest. ... >> They have given a certificate to install. ... >> we have no special setting in machine.config for the section processmodel. ... >> key for the user ASPNET. ...
    (microsoft.public.dotnet.security)