| David Carr 2005-06-27, 8:48 pm |
| Hi there,
PC: Win2K Pro sp4 machine running IIS 5
Some weeks ago, I was setting things up to understand the use of
certificates. A server certificate was installed, the Authentication
Methods dialog had everything (i.e. Anonymous and Integrated) unchecked, and
the Secure Communications dialog was changed to
- Require secure channel,
- Accept client certificates, and
- Enable client certificate mapping
For the latter, as a test, a Many-To-1 mapping of any certificate with a
location of 'Vancouver' was mapped to my personal account.
So back then, things seemed to be working as expected, including updating a
CRL generated by a stand-alone CA on a Win2K Server that is in-house.
Now, I always get the error 'HTTP 403.13 - Forbidden: Client certificate
revoked'. Over these weeks I can't remember everything that has happened,
but the only thing that stands out is that I changed the name of my PC.
Thinking that this might be a problem, I have deleted the old server
certificate (which referenced the old name) and obtained a new one from the
CA. The mapping also used the username as OLDMACHINENAME\USER, so this was
updated to reflect the new machine name. I also obtained a new client
certificate through IE.
Unfortunately, none of this has helped and I continue to get the 403.13
error.
If anyone has any suggestion, that would be most appreciated.
Best regards,
David
|