RE: 403 Error Web App to Web App with Client Certificates
From: [MSFT] (lukezhan_at_online.microsoft.com)
Date: Mon, 04 Oct 2004 07:08:45 GMT
For 1.1 framework :
821156 INFO: ASP.NET 1.1 June 2003 Hotfix Rollup Package
Along with this fix you will need to install the client certificate under
the Local_Machine registry hive and not the Current_User hive. You will
then need to give the ASP.Net account access to the private key for the
client certificate to get all of this to work. You can use KeyWiz.EXE for
Also, you may consider following solution:
Invoke the Web service from a Serviced Component, and use a Microsoft
Windows service to automatically load the profile of the certificate user
so that the Serviced Component can retrieve the client certificate and then
communicate with the Web service over SSL.
1. Create a Windows service program with only one function to run under the
certificate user identity.
2. Create a Serviced Component that runs under the identity of the
3. Move the authentication code from the ASP.NET application to the
Serviced Component. Verify that the Serviced Component runs under the
identity of the certificate user.
4. Call the Serviced Component method from the ASP.NET Web application.
Hope this help,