Register

Forgot Password

Site FAQ

Home > IT Answers > Development > Windows 2003 Web Server & IIS 6: Using X509 certificate for XML Post

JohnFogg

0 pts.

Windows 2003 Web Server & IIS 6: Using X509 certificate for XML Post

ASP, Desktops, JavaScript, Management, Microsoft Windows, OS, Security, Servers, SQL Server, Web development tools, Web services, Web site design & management, XML

We have a Windows 2003 Web Edition server with IIS 6 running a small site that now has need to perform ServerXMLHTTP posts to a supppier site, via an ASP page with Javascript, that requires X509 certificate authentication. I have followed Microsoft's guide "How to install client certificate on IIS Server for ServerXMLHTTP request object (Q301429)" and using the objects SetOption(3) to point to the certificate store (Personal - this is where the supplied certificate installed itself), I now receive the message "msxml3.dll error '80090325' The certificate chain was issued by an authority that is not trusted. " Viewing the Certification Path in IE/Content/Certificates, it does state that the issuer is unknown. How do we correct this problem? I have 'googled' this to death but nothing seems to affect this issue. The certificate itself work fine when I connect to the site just via IE, it asks me to select the certificate and I can log in. Any ideas? Many thanks...

Software/Hardware used:

ASKED: December 12, 2005 10:58 AM

UPDATED: December 13, 2005 7:34 PM

RELATED QUESTIONS

Answer Wiki:

I am easily confused. WHOSE certificate did you install on your server? Is the error on your end or theirs? And you probably need their certificate in the 'store' for the web server, not the personal store of the console login. Clarify please.

Last Wiki Answer Submitted: December 12, 2005 4:52 pm by Howard2nd

30 pts.

All Answer Wiki Contributors: Howard2nd

30 pts.

To see all answers submitted to the Answer Wiki: View Answer History.

RSS - Discussions Help

Discuss This Question:

_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

POSTED: Dec 12, 2005 7:47 PM (GMT)

I believe your problem is that you must install a certificate that has been issued by a trusted CA. There are two formats for supplying a certificate, PCKS#7 and PCKS#11. PCKS#11 includes the certificate of the issuing CA. With PCKS#7 format, you must supply the trusted CA certificate separately. You may be trying to do a self signing certificate but I am not sure that is supported for IIS 6 using XML Post.

Richcolton

0 pts.

POSTED: Dec 13, 2005 11:58 AM (GMT)

The problem is that the machine doesn’t trust the CA that issued the certificate. Obtain the certificate of the CA and install it in the trusted authorities and you’re good to go.

Amigus

0 pts.

POSTED: Dec 13, 2005 7:34 PM (GMT)

go to verisign and get a secure site cretificate that is recognized and trusted and then put that in in place of the free certificate you signed up for. Did you get a freebie from Thawte ? It won’t work

This should correct the problem.

Joco1141

0 pts.

Ask a Question

Browse IT Answers by Topic

>>VIEW ALL TAGS

Community Blog | About Us | Contact Us | FAQ | Terms of Use | DMCA Policy

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organization's IT projects - with its network of technology-specific Web sites, events and magazines.
All Rights Reserved, Copyright 1999-2013, TechTarget | Read our Privacy Policy
Questions and Answers Index 1 | Questions and Answers Index 2 | IT Topics Index 1 | IT Topics Index 2 | Blogs Index | Blogs Tags