requires client certificate authentification error message?

Hi,

we have a series on monitors that check Intranet URLs every 30 minutes. We got an error this morning retrieving one of the URLs and the message back was "requires client certificate authentification".
The program didn't actually fail. Have a look at the URL that we use to do the check:
https://IPADDRESS/Originations/OriginationsService.asmx
So, you can see by the HTTPS that is it certificate based but what would throwup the error? It is the same system that checks the URL all the time so i don't understand the failure?
Many thanks.
LVL 1
Jason ThomasAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

marcustechCommented:
Maybe the certificate has become corrupt or expired? Can you try and reinstall the certificate?
0
Jason ThomasAuthor Commented:
That's just the thing. It is now working. What di=oes, or did that error mean then?
0
marcustechCommented:
SSL uses client authetication for security, if the certificates on the server and client are out of sync then you will get this message.

If it's working now, I imagine the server has issues a new accepted certificate to the client, and you shouldn't need to worry anymore.
0
10 Tips to Protect Your Business from Ransomware

Did you know that ransomware is the most widespread, destructive malware in the world today? It accounts for 39% of all security breaches, with ransomware gangsters projected to make $11.5B in profits from online extortion by 2019.

Jason ThomasAuthor Commented:
Thanks mate. Is there any way that i can tell whether the certificate on teh server has been updated recently, via stamp date etc etc?
0
marcustechCommented:
you can go to the page, click on the padlock to view the certificate and check the issued/expiry dates
0
marcustechCommented:
Forgot to mention it will be the server that will be handing out the authetication certificates to the clients. It won't have changed, it would be the clients which have. You can check this with the above mentioned method.
0
Jason ThomasAuthor Commented:
Hello, thanks fo rthe info. I've checked teh certificate on teh client and it's not due to expire until september 09. Is it not possible that the cerver certificate changed but the client didn't down load it?
0
ParanormasticCryptographic EngineerCommented:
Can also try Internet Options - Content tab - Clear SSL State button and close/reopen browser.

there may also be a chance that someone changed something on the server to require the client auth certificate where it did not before.

another possibility is if the script changed the user context that it was running under (now running as user instead of computer account, or as a different user)
0
marcustechCommented:
It's unlikely the server's certificate changed if other clients didn't receive the same notification.

If you check on the client when the certificate was issued on a machine which didn't receive the message, and the issue date is older than when the message occured and no message has been generated in that session then it suggests the server and the client are still in sync and therefore the server certificate hasn't changed since it was issued. In which case it was the client in which the message appeared on who's certificate had become changed. If it's no longer coming up, then the server has issued a new certificate and everything should now be ok.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Jason ThomasAuthor Commented:
Thanks very much guys.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.