Re: The remote server returned an error: 403 Forbidden

From: Joe Kaplan \(MVP - ADSI\) (joseph.e.kaplan_at_removethis.accenture.com)
Date: 07/14/04 

Date: Wed, 14 Jul 2004 16:59:02 -0500

Generally you just use the cert import wizard to import the P12 file into
the CAPI store. The trick might importing it into the right store so that
the process that is creating the webrequest has access to it. CAPI stores
are generally per user, but there is also a machine-wide store that you can
use.

Hopefully if that doesn't work, start a new thread and maybe the cert gurus
can help.

Joe K.

"Chun" <huilongchun@hotmail.com> wrote in message
news:90e3820d.0407141233.22c4023a@posting.google.com...
> Hi Joe,
> Can you tell me how to setup the private key that you were talking
> about? I having the same error as Arun.
> Any direction will be appreciated.
> Chun
>
>
>
> Does the certificate in the store say it has a private key associated
> with
> it? CAPI needs to have the private key available for SSL client
> authentication, so you need to make sure the private key is imported
> into
> the store when you import the certificate.
>
> Joe K.
> "Arun" <aknss@hotmail.com> wrote in message
> news:93980cbb.0406150614.458e27d9@posting.google.com...
> > Hi,
> > I am trying to make a request from a web service to an external
> > site which uses https. I have a certificate (.p12 format) from them. I
> > have performed the following steps:
> >
> > 1. Exported the certificate to DER encoded .CER file.
> > 2. Imported the certificate into the Trusted Root CA of the local
> > computer
> > 3. Used X509Certificate.CreateFromCertFile() to create a
> > X509Certificate object from the .CER file.
> > 4. Added this certificate to the HttpWebRequest using
> > httpRequest.ClientCertificates.Add(cert);
> > 5. When I try to retrieve the response using
> > httpRequest.GetResponse(), I get the following error:
> > "The remote server returned an error: (403) Forbidden."
> >
> > Any idea what this means and how to get past it? I have a feeling that
> > the certificate is not being sent to the external site.
> > Any help will be highly appreciated.
> >
> > Thanks,
> > Arun

Relevant Pages

  • How do you associate private key with import cert?
    ... I created a certificate using the makecert.exe that comes with VS.NET ... cert entry in the store it doesn't indicate any private key. ... How are you supposed to include the private key when importing the ...
    (microsoft.public.dotnet.security)
  • Re: Alternative store vs. MY store
    ... store both the client cert and its associate private key on my USB memory ... your codes (CSP, ... indirect call to your CSP when one of your cert is involved in an operation. ...
    (microsoft.public.platformsdk.security)
  • Re: Alternative store vs. MY store
    ... >> keep the private key on the memory card all the time. ... > must so start to copy your certs to the store, ... > indirect call to your CSP when one of your cert is involved in an operation. ...
    (microsoft.public.platformsdk.security)
  • Re: Alternative store vs. MY store
    ... I don't think copying the cert to ... the private key to leave my alternative physical store--which is a USB flash ... store both the client cert and its associate private key on my USB memory ... article "The Smart Card Cryptographics Service Provider Cookbook" which has ...
    (microsoft.public.platformsdk.security)
  • Re: Security - Best Encryption Mechanism
    ... If you need to store a key in your code, then you should look at DPAPI. ... > a) What is the most secure encryption tool that can be used to store ... > b) Any tool which implements AES and does not expect a private key to ... > The work round I decided was to use the dll provided by the tool. ...
    (microsoft.public.dotnet.languages.csharp)
Loading