Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Why does IIS Give clients 403 Forbidden Errors?

Posted on 2011-09-26
7
Medium Priority
?
1,024 Views
Last Modified: 2012-05-12
Points of My Scenario
1. I am admin of a IIS7 web server on Windows Server 2008 R2.
2. Clients connect to the server's website using HTTPS
3. When the website is configured to "Require SSL" and to accept client certificates, clients (browsers) get a HTTP 403 Forbidden error when connecting by HTTPS.
4. When the "Require SSL" setting is removed from the website, clients can successfully connect, although using HTTPS again.
QUESTION: If clients are using HTTPS in both cases, why do they fail when the website is configured to "Require SSL"?
0
Comment
Question by:waltforbes
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 2
7 Comments
 
LVL 21

Expert Comment

by:Hendrik Wiese
ID: 36599087
have you created the SSL Certificate in IIS7?
0
 
LVL 21

Expert Comment

by:Hendrik Wiese
ID: 36599101
You can click here for full instruction on how to setup SSL on IIS7.
0
 

Author Comment

by:waltforbes
ID: 36599179
To HendrikWiese: I have acquired a certificate from our CA (certificate authority) and binded it to the website successfully: note that clients can access the website by HTTPS successfully. The problem arises only when the website is configured to require SSL. I have verified the instructions you sent in the link (http://learn.iis.net/page.aspx/144/how-to-set-up-ssl-on-iis-7/).
0
Introducing the WatchGuard 420 Access Point

WatchGuard's newest access point includes an 802.11ac Wave 2 chipset, providing the fastest speeds for VoIP, video and music streaming, and large data file transfers. Additionally, enjoy the benefits of strong security as the 3rd radio delivers dedicated WIPS protection!

 
LVL 21

Expert Comment

by:Hendrik Wiese
ID: 36599217
Please have a look at the following and let me know if it helps?

http://www.experts-exchange.com/Networking/Protocols/Application_Protocols/SSL/Q_26561310.html
0
 
LVL 21

Expert Comment

by:Hendrik Wiese
ID: 36599302
Have you tried the following:

To resolve this problem, follow these steps:1.In Windows Explorer, locate the folder of the virtual directory, or locate the folder of the Web site.
2.Right-click the folder, and then click Properties.
3.Click the Security tab, and then click Edit.
4.In the Group or user names box, click the account to which you want to grant the Write permission, and then click to select the Write check box.
5.Click OK.

Reference: http://support.microsoft.com/kb/942035
0
 
LVL 21

Accepted Solution

by:
Hendrik Wiese earned 2000 total points
ID: 36599317
This is obviously a permission issue.

You can view all the forbidden codes here and select the KB within the code description to see the resolution.
0
 

Author Closing Comment

by:waltforbes
ID: 36599391
HendrikWiese: the codes are what I needed most. Many thanks!
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
A safe way to clean winsxs folder from your windows server 2008 R2 editions
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question