none
The remote server returned an error: (403) Forbidden.

    Question

  • Hello, I am trying to follow this Tutorial:
    <!-- /* Font Definitions */ @font-face {font-family:"Cambria Math"; panose-1:2 4 5 3 5 4 6 3 2 4; mso-font-charset:0; mso-generic-font-family:roman; mso-font-pitch:variable; mso-font-signature:-1610611985 1107304683 0 0 159 0;} @font-face {font-family:Calibri; panose-1:2 15 5 2 2 2 4 3 2 4; mso-font-charset:0; mso-generic-font-family:swiss; mso-font-pitch:variable; mso-font-signature:-1610611985 1073750139 0 0 159 0;} /* Style Definitions */ p.MsoNormal, li.MsoNormal, div.MsoNormal {mso-style-unhide:no; mso-style-qformat:yes; mso-style-parent:""; margin-top:0in; margin-right:0in; margin-bottom:10.0pt; margin-left:0in; line-height:115%; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:Calibri; mso-fareast-theme-font:minor-latin; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;} .MsoChpDefault {mso-style-type:export-only; mso-default-props:yes; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:Calibri; mso-fareast-theme-font:minor-latin; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;} .MsoPapDefault {mso-style-type:export-only; margin-bottom:10.0pt; line-height:115%;} @page Section1 {size:8.5in 11.0in; margin:1.0in 1.0in 1.0in 1.0in; mso-header-margin:.5in; mso-footer-margin:.5in; mso-paper-source:0;} div.Section1 {page:Section1;} -->

    Chapter 10: Intranet - Web to Remote WCF Using Transport Security (Trusted Subsystem, HTTP)

    http://msdn.microsoft.com/en-us/library/cc949089.aspx

    But I have that problem, the only step  I didnt followed of the tutorial is to create the SPN with SETSPN, is it really needed, I am on Windows XP, but in production it would be 2003.

     


    MCPD ENTERPRISE APPLICATIONS DEVELOPER http://wantmvp.blogspot.com/
    Wednesday, October 14, 2009 2:01 PM

Answers

  • Greetings,

    One question , I have regarding the query, are accessing the wcf service internet envirnoment  ?

    An easy way to use certificates for WCF security
    http://www.codeproject.com/KB/WCF/wcfcertificates.aspx

    Simple WCF - X509 Certificate
    http://www.codeproject.com/KB/WCF/Senthil.aspx

    Programming WCF Security
    http://msdn.microsoft.com/en-us/library/ms731925.aspx

    How to: Obtain a Certificate (WCF)
    http://msdn.microsoft.com/en-us/library/aa702761.aspx

    WCF security: How to configure message security with x509 authentication

    http://developers.de/blogs/damir_dobric/archive/2006/09/24/931.aspx

    How To – Use Certificate Authentication and Message Security in WCF calling from Windows Forms

    http://wcfsecurity.codeplex.com/Wiki/View.aspx?title=How%20To%20-%20Use%20Certificate%20Authentication%20and%20Message%20Security%20in%20WCF%20calling%20from%20Windows%20Forms


    WCF Security Videos Tutorials and Samples

    http://www.pnpguidance.net/post/wcfsecurityvideostutorialssamples.aspx


    Take Care

    PL




    Wednesday, October 14, 2009 3:39 PM

All replies

  • It seems I fixed giving permissions to ASPNET and my user to the folders of the application

    However now I got this new errror

    The remote certificate is invalid according to the validation procedure.

    Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

    Exception Details: System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.

    MCPD ENTERPRISE APPLICATIONS DEVELOPER http://wantmvp.blogspot.com/
    Wednesday, October 14, 2009 2:24 PM
  • Greetings,

    One question , I have regarding the query, are accessing the wcf service internet envirnoment  ?

    An easy way to use certificates for WCF security
    http://www.codeproject.com/KB/WCF/wcfcertificates.aspx

    Simple WCF - X509 Certificate
    http://www.codeproject.com/KB/WCF/Senthil.aspx

    Programming WCF Security
    http://msdn.microsoft.com/en-us/library/ms731925.aspx

    How to: Obtain a Certificate (WCF)
    http://msdn.microsoft.com/en-us/library/aa702761.aspx

    WCF security: How to configure message security with x509 authentication

    http://developers.de/blogs/damir_dobric/archive/2006/09/24/931.aspx

    How To – Use Certificate Authentication and Message Security in WCF calling from Windows Forms

    http://wcfsecurity.codeplex.com/Wiki/View.aspx?title=How%20To%20-%20Use%20Certificate%20Authentication%20and%20Message%20Security%20in%20WCF%20calling%20from%20Windows%20Forms


    WCF Security Videos Tutorials and Samples

    http://www.pnpguidance.net/post/wcfsecurityvideostutorialssamples.aspx


    Take Care

    PL




    Wednesday, October 14, 2009 3:39 PM
  • Hi Luis,

    As for the SetSPN, it will help associate your service's executing account to a certain servie name(like DNS name or server address). This is not necessary when your service is shosting via the built-in network service account which represent the hosting computer, but necessary when you use a custom account to run your service(since by default that account won't map to the hosting server machine's name).

    As for the new "certificate invalid ..." error, I think it is possibly caused by the client-side fail to validate the SSL certificate of your WCF service, you can try using the ServicePointManager.ServerCertificateValidationCallback Property to suppress the ssl certificate validation at client-side:



    #SSL and ServicePointManager.ServerCertificateValidationCallback
    http://social.msdn.microsoft.com/forums/en-US/netfxnetcom/thread/5f5af31c-74f2-4147-8b70-e9e8ec03c76a
    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    Wednesday, October 21, 2009 3:11 AM
    Moderator