Solved

403 forbidden errors after a cert install

Posted on 2011-02-19
3
1,405 Views
Last Modified: 2012-05-11
On one of our applications, one of the certs was expiring so we installed a new one to replace it. If we reverted back to the older cert, the error went away. However the old cert is now expired. Any suggestions.

Now we are getting these alerts.


Event Type:      Error
Event Source:      Office Communications Server 2007 Speech Server
Event Category:      Speech Application
Event ID:      29025
Date:            2/19/2011
Time:            3:09:25 PM
User:            N/A
Computer:      Bobby1
Description:
Application Error 2701:  ERROR: Got error on searchCustomer by ani/tn (12345678) request. Error Code: 500; error msg: System.ServiceModel.Security.MessageSecurityException: The HTTP request was forbidden with client authentication scheme 'Anonymous'. ---> System.Net.WebException: The remote server returned an error: (403) Forbidden.
   at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
   at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelAsyncRequest.CompleteGetResponse(IAsyncResult result)
   --- End of inner exception stack trace ---

Server stack trace:
   at System.ServiceModel.AsyncResult.End[TAsyncResult](IAsyncResult result)
   at System.ServiceModel.Channels.ServiceChannel.SendAsyncResult.End(SendAsyncResult result)
   at System.ServiceModel.Channels.ServiceChannel.EndCall(String action, Object[] outs, IAsyncResult result)
   at System.ServiceModel.Channels.ServiceChannelProxy.InvokeEndService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
0
Comment
Question by:wbokhary
  • 2
3 Comments
 
LVL 17

Expert Comment

by:OriNetworks
ID: 34934364
Just going by your description rather than trying to read through the error, is the cert valid? valid root certification authorties, valid dates, common name, etc. The new cert may not match up with the common name you are trying to reference the site by. (e.g. if the cert is for mydomain.com  but you are internally referencing it by mydomain.local.)
0
 

Accepted Solution

by:
wbokhary earned 0 total points
ID: 34964240
How you have to use the winhttpcfg.exe tool to configure your certs for at least two service accounts:
ASPNET and NETWORK SERVICE.
That fixes the problem.
0
 

Author Closing Comment

by:wbokhary
ID: 34995474
Found out the solution
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Join & Write a Comment

I was asked about the differences between classic ASP and ASP.NET, so let me put them down here, for reference: Let's make the introductions... Classic ASP was launched by Microsoft in 1998 and dynamically generate web pages upon user interact…
If you don't have the right permissions set for your WordPress location in IIS, you won't be able to perform automatic updates. Here's how to fix the problem.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now