 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
.NET Forum / ASP.NET / Web Services / July 2005X509 Cert Services Cert
Hello grp: Has anyone had any luck using Certificate Services generated certs and SecureConversation? For whatever reason, I am able to use our Verisign certs with no issue but receive a bunch of different errors when attempting to use our certificate server cert. I've seen a few posts about this but the people were referring to makecert generated certs for testing or their situation was not the same as mine. We are done with testing and I need to find a solution for production. If someone has done this successfully, would it be possible to describe the steps you've taken with setting up Cert svcs or your policy file. Steps I've taken: 1) verified that I have the private key in the appropriate places and permissions for ASPNET were granted. 2) used the trace to determine that the client message conforms to policy reqs (signed, key hash matches, encrypted, etc..) Thanking in advance, Alex Hi Alex, Not sure if this is the answer, but it helped me in a similar situation. Taken from: "HOL202 Exploring WSE 3.0 Security " Hands-On Lab 8. Ensure that the web service will have access to its private key in the certificate store. This is an important step – if you forget to do this, clients will likely see faults including rather cryptic error messages such as “Bad Key”. a. Run the WseCertificate3.exe tool which can be found in the \Program Files\Microsoft WSE\v3.0\Tools directory. b. For Certificate Location, choose Local Computer. c. For Store Name choose Personal. d. Click Open Certificate and you should see the WSE2QuickStartServer certificate that you installed a few steps ago. Select it and press OK. e. Press View Private Key File Properties to bring up the properties for the private key for the certificate. Select the Security tab. f. If you’re running on Windows XP, your web service will run under the ASPNET local account by default, so grant read access to that account by pressing Add, typing ASPNET, and then pressing OK. g. If you’re running on Windows Server 2003, follow the same steps, except specify “Network Service” instead of ASPNET. On the server OS, web services run as Network Service by default. h. Press OK to commit your change, and close the tool. > Hello grp: > [quoted text clipped - 19 lines] > > Alex I do appreciate the reply but unfortunately I still have no luck :) The oddest thing is that my Versign certs seem to work fine (with certificate services ASP.NET has same permissions, private key access, cert stores, both client and server stores reflect the same cert install path, etc.....) but, for some reason cert service certs don't work for me. I'll keep plugging, Alex > Hi Alex, > [quoted text clipped - 52 lines] >> >> Alex Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.