Re: X509 Cert Services Cert
- From: "Alex Trebek" <trebek@xxxxxxxxxxxxxx>
- Date: Tue, 26 Jul 2005 08:29:26 -0400
I do appreciate the reply but unfortunately I still have no luck :) The
oddest thing is that my Versign certs seem to work fine (with certificate
services ASP.NET has same permissions, private key access, cert stores, both
client and server stores reflect the same cert install path, etc.....) but,
for some reason cert service certs don't work for me.
I'll keep plugging,
Alex
"Next" <aeverett99@xxxxxxxxxxxxxxxx> wrote in message
news:78EDD4D6-FE7D-4930-A298-FDD29CF65ACD@xxxxxxxxxxxxxxxx
> Hi Alex,
>
> Not sure if this is the answer, but it helped me in a similar situation.
> Taken from:
> "HOL202 Exploring WSE 3.0 Security " Hands-On Lab
>
> 8. Ensure that the web service will have access to its private key in the
> certificate store. This is an important step - if you forget to do this,
> clients will likely see faults including rather cryptic error messages
> such
> as "Bad Key".
> a. Run the WseCertificate3.exe tool which can be found in the \Program
> Files\Microsoft WSE\v3.0\Tools directory.
> b. For Certificate Location, choose Local Computer.
> c. For Store Name choose Personal.
> d. Click Open Certificate and you should see the WSE2QuickStartServer
> certificate that you installed a few steps ago. Select it and press OK.
> e. Press View Private Key File Properties to bring up the properties for
> the
> private key for the certificate. Select the Security tab.
> f. If you're running on Windows XP, your web service will run under the
> ASPNET local account by default, so grant read access to that account by
> pressing Add, typing ASPNET, and then pressing OK.
> g. If you're running on Windows Server 2003, follow the same steps, except
> specify "Network Service" instead of ASPNET. On the server OS, web
> services
> run as Network Service by default.
> h. Press OK to commit your change, and close the tool.
>
>
> "Alex Trebek" wrote:
>
>> Hello grp:
>>
>> Has anyone had any luck using Certificate Services generated certs and
>> SecureConversation? For whatever reason, I am able to use our Verisign
>> certs with no issue but receive a bunch of different errors when
>> attempting
>> to use our certificate server cert. I've seen a few posts about this but
>> the people were referring to makecert generated certs for testing or
>> their
>> situation was not the same as mine. We are done with testing and I need
>> to
>> find a solution for production. If someone has done this successfully,
>> would it be possible to describe the steps you've taken with setting up
>> Cert
>> svcs or your policy file.
>>
>> Steps I've taken:
>>
>> 1) verified that I have the private key in the appropriate places and
>> permissions for ASPNET were granted.
>>
>> 2) used the trace to determine that the client message conforms to policy
>> reqs (signed, key hash matches, encrypted, etc..)
>>
>> Thanking in advance,
>>
>> Alex
>>
>>
>>
.
- References:
- X509 Cert Services Cert
- From: Alex Trebek
- RE: X509 Cert Services Cert
- From: Next
- X509 Cert Services Cert
- Prev by Date: Re: Commercial Certificate
- Next by Date: Re: Commercial Certificate
- Previous by thread: RE: X509 Cert Services Cert
- Next by thread: Can't add reference to Webservice using HTTPModule
- Index(es):
Relevant Pages
|
