I have a client who is working on .net env. We are plan to do a POC on SSL before going further. We have certificates exchanged. I am successfull in invoking webservice. The issue is I am not getting response back. I have checked the forum people had similar issue but resolution was not mentioned.
The second question is can IIS server be client to IS ? If so how to configure certificate on IIS.
Your help/suggestion will be of great help.
Any suggestion. Plz let me know if you need any more info.
A good IIS administrator can tell you how to install security certificates into its trusted store.
Get your web services calls working over HTTP first before attempting to use HTTPS. That will allow you to degug using a tool such as PocketSoap’s TCPTrace.
The call over http works. The issue is only for https.
We have RI configured in DMZ. When my client call the webservice it gives the below error in server log in my RI box :
The required client certificate was not provided by /188.8.131.52(dummy ip).
The error clearly says that the certificate was not provided to my IS.
My client says he has configured the certificate. This is where we are stuck. I am not able to figure out what to do next ?
Can you help me on that…plz let me know if you need more info.
Could the issue be that the client is providing a certificate, but that it is not one that the RI server is configured to trust?
I had the similar feeling. So I went ahead and did a small test from my local box to RI server. I used the same certificate which I provided to my client. For me the call is going through and I can see the results back. But they are not able to pass our RI server.
Is it something we are missing ?
I was searching advantage on this issue and found the below ticket which address my problem.
Now the question is how do I verify if my client is using right certificate ?
This will help me on resolving my problem.
Obtain a copy of their certificate and replicate their logon procedures (if possible).
I have their certificate. Could you be more elaborate on your idea of “replicate their logon procedures”