Solved

403 forbidden errors after a cert install

Posted on 2011-02-19
3
1,437 Views
Last Modified: 2012-05-11
On one of our applications, one of the certs was expiring so we installed a new one to replace it. If we reverted back to the older cert, the error went away. However the old cert is now expired. Any suggestions.

Now we are getting these alerts.


Event Type:      Error
Event Source:      Office Communications Server 2007 Speech Server
Event Category:      Speech Application
Event ID:      29025
Date:            2/19/2011
Time:            3:09:25 PM
User:            N/A
Computer:      Bobby1
Description:
Application Error 2701:  ERROR: Got error on searchCustomer by ani/tn (12345678) request. Error Code: 500; error msg: System.ServiceModel.Security.MessageSecurityException: The HTTP request was forbidden with client authentication scheme 'Anonymous'. ---> System.Net.WebException: The remote server returned an error: (403) Forbidden.
   at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
   at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelAsyncRequest.CompleteGetResponse(IAsyncResult result)
   --- End of inner exception stack trace ---

Server stack trace:
   at System.ServiceModel.AsyncResult.End[TAsyncResult](IAsyncResult result)
   at System.ServiceModel.Channels.ServiceChannel.SendAsyncResult.End(SendAsyncResult result)
   at System.ServiceModel.Channels.ServiceChannel.EndCall(String action, Object[] outs, IAsyncResult result)
   at System.ServiceModel.Channels.ServiceChannelProxy.InvokeEndService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
0
Comment
Question by:wbokhary
  • 2
3 Comments
 
LVL 17

Expert Comment

by:OriNetworks
ID: 34934364
Just going by your description rather than trying to read through the error, is the cert valid? valid root certification authorties, valid dates, common name, etc. The new cert may not match up with the common name you are trying to reference the site by. (e.g. if the cert is for mydomain.com  but you are internally referencing it by mydomain.local.)
0
 

Accepted Solution

by:
wbokhary earned 0 total points
ID: 34964240
How you have to use the winhttpcfg.exe tool to configure your certs for at least two service accounts:
ASPNET and NETWORK SERVICE.
That fixes the problem.
0
 

Author Closing Comment

by:wbokhary
ID: 34995474
Found out the solution
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Debug Tools to analyse IIS process: This article focus on taking memory dumps from IIS to determine which code is taking more time and to analyse which calls hangs/causes more CPU usage. To take dumps,download the following. Install1: To st…
A quick step-by-step overview of installing and configuring Carbonite Server Backup.
This Micro Tutorial will teach you how to censor certain areas of your screen. The example in this video will show a little boy's face being blurred. This will be demonstrated using Adobe Premiere Pro CS6.
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question