B
Balint Kardos
Hi,
I have to call a remote Xmlrpc gateway, which requires me to send a
previously generated certificate (stored in a .der file).
If I do it in Visual Studio 2008 with my user account (Balint), VS's built
in WebServer can read out the certificate's path and CA's root cert from
CURRENT_USER\Trusted Root, and works fine.
If I try to install the application on IIS7, it fails with "The request was
aborted: Could not create SSL/TLS secure channel".
1) If I understand well, IIS7's W3WP/SVCHOST processes are running under the
NETWORK account.
I've tried to add the certificates to NETWORK's CURRENT_USER\Personal, and
CURRENT_USER\Trusted Root store, but it still not working.
2) I tried <impersonate> in the web.config for my user account, but it's
still not working.
3) I've imported the certs to LOCAL_MACHINE\Trusted Root, no luck.
4) I thought the certificate is bad, or the path is wrongly built, and tried
to use it on a local SSL website:
It's okay, IIS can read out the key from LOCAL_MACHINE\Trusted Root\, so the
https://localhost/ site is working well with these certs, however I don't
want to use it for anything
What am I missing here?
From C# code, how can I build a "path" for my certificate, which would
include the CA's root certificate too?
Thanks,
Balint
I have to call a remote Xmlrpc gateway, which requires me to send a
previously generated certificate (stored in a .der file).
If I do it in Visual Studio 2008 with my user account (Balint), VS's built
in WebServer can read out the certificate's path and CA's root cert from
CURRENT_USER\Trusted Root, and works fine.
If I try to install the application on IIS7, it fails with "The request was
aborted: Could not create SSL/TLS secure channel".
1) If I understand well, IIS7's W3WP/SVCHOST processes are running under the
NETWORK account.
I've tried to add the certificates to NETWORK's CURRENT_USER\Personal, and
CURRENT_USER\Trusted Root store, but it still not working.
2) I tried <impersonate> in the web.config for my user account, but it's
still not working.
3) I've imported the certs to LOCAL_MACHINE\Trusted Root, no luck.
4) I thought the certificate is bad, or the path is wrongly built, and tried
to use it on a local SSL website:
It's okay, IIS can read out the key from LOCAL_MACHINE\Trusted Root\, so the
https://localhost/ site is working well with these certs, however I don't
want to use it for anything
What am I missing here?
From C# code, how can I build a "path" for my certificate, which would
include the CA's root certificate too?
Thanks,
Balint