RE: 403 Error Web App to Web App with Client Certificates
From: [MSFT] (lukezhan_at_online.microsoft.com)
Date: 10/04/04
- Next message: Prodip Saha: "Re: Massive ASP.Net Forms Authentication vulnerability"
- Previous message: Martin: "ssl secret key available to asp.net page?"
- In reply to: Peter Sedman: "403 Error Web App to Web App with Client Certificates"
- Next in thread: Peter Sedman: "Re: 403 Error Web App to Web App with Client Certificates"
- Reply: Peter Sedman: "Re: 403 Error Web App to Web App with Client Certificates"
- Reply: Peter Sedman: "Re: 403 Error Web App to Web App with Client Certificates"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 04 Oct 2004 07:08:45 GMT
Hi Peter,
For 1.1 framework :
821156 INFO: ASP.NET 1.1 June 2003 Hotfix Rollup Package
http://support.microsoft.com/?id=821156
Along with this fix you will need to install the client certificate under
the Local_Machine registry hive and not the Current_User hive. You will
then need to give the ASP.Net account access to the private key for the
client certificate to get all of this to work. You can use KeyWiz.EXE for
this purpose.
Also, you may consider following solution:
Invoke the Web service from a Serviced Component, and use a Microsoft
Windows service to automatically load the profile of the certificate user
so that the Serviced Component can retrieve the client certificate and then
communicate with the Web service over SSL.
1. Create a Windows service program with only one function to run under the
certificate user identity.
2. Create a Serviced Component that runs under the identity of the
certificate user.
3. Move the authentication code from the ASP.NET application to the
Serviced Component. Verify that the Serviced Component runs under the
identity of the certificate user.
4. Call the Serviced Component method from the ASP.NET Web application.
Hope this help,
Luke
- Next message: Prodip Saha: "Re: Massive ASP.Net Forms Authentication vulnerability"
- Previous message: Martin: "ssl secret key available to asp.net page?"
- In reply to: Peter Sedman: "403 Error Web App to Web App with Client Certificates"
- Next in thread: Peter Sedman: "Re: 403 Error Web App to Web App with Client Certificates"
- Reply: Peter Sedman: "Re: 403 Error Web App to Web App with Client Certificates"
- Reply: Peter Sedman: "Re: 403 Error Web App to Web App with Client Certificates"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
