?
Solved

403 forbidden errors after a cert install

Posted on 2011-02-19
3
Medium Priority
?
1,521 Views
Last Modified: 2012-05-11
On one of our applications, one of the certs was expiring so we installed a new one to replace it. If we reverted back to the older cert, the error went away. However the old cert is now expired. Any suggestions.

Now we are getting these alerts.


Event Type:      Error
Event Source:      Office Communications Server 2007 Speech Server
Event Category:      Speech Application
Event ID:      29025
Date:            2/19/2011
Time:            3:09:25 PM
User:            N/A
Computer:      Bobby1
Description:
Application Error 2701:  ERROR: Got error on searchCustomer by ani/tn (12345678) request. Error Code: 500; error msg: System.ServiceModel.Security.MessageSecurityException: The HTTP request was forbidden with client authentication scheme 'Anonymous'. ---> System.Net.WebException: The remote server returned an error: (403) Forbidden.
   at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
   at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelAsyncRequest.CompleteGetResponse(IAsyncResult result)
   --- End of inner exception stack trace ---

Server stack trace:
   at System.ServiceModel.AsyncResult.End[TAsyncResult](IAsyncResult result)
   at System.ServiceModel.Channels.ServiceChannel.SendAsyncResult.End(SendAsyncResult result)
   at System.ServiceModel.Channels.ServiceChannel.EndCall(String action, Object[] outs, IAsyncResult result)
   at System.ServiceModel.Channels.ServiceChannelProxy.InvokeEndService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
0
Comment
Question by:wbokhary
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 17

Expert Comment

by:OriNetworks
ID: 34934364
Just going by your description rather than trying to read through the error, is the cert valid? valid root certification authorties, valid dates, common name, etc. The new cert may not match up with the common name you are trying to reference the site by. (e.g. if the cert is for mydomain.com  but you are internally referencing it by mydomain.local.)
0
 

Accepted Solution

by:
wbokhary earned 0 total points
ID: 34964240
How you have to use the winhttpcfg.exe tool to configure your certs for at least two service accounts:
ASPNET and NETWORK SERVICE.
That fixes the problem.
0
 

Author Closing Comment

by:wbokhary
ID: 34995474
Found out the solution
0

Featured Post

Get proactive database performance tuning online

At Percona’s web store you can order full Percona Database Performance Audit in minutes. Find out the health of your database, and how to improve it. Pay online with a credit card. Improve your database performance now!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Preparing an email is something we should all take special care with – especially when the email is for somebody you may not know very well. The pressures of everyday working life stacked with a hectic office environment can make this a real challen…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…
In this video, Percona Solution Engineer Rick Golba discuss how (and why) you implement high availability in a database environment. To discuss how Percona Consulting can help with your design and architecture needs for your database and infrastr…
Suggested Courses

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question