Rejecting BizTalk X.509 Server Certificates

Our SSL certificate expired recently, so we got a new CA. Unfortunately, when BizTalk uses this certificate to access the server, the server rejects it, giving us a 403.17 (Expired or not yet valid) error.

So I checked the dates of the certificate and they seem to be OK. But to actually test if the certificate is working, we loaded it into IE7 and tried to access the server. It works.

BizTalk is looking at the hardcoded location for the certificate, but we have already replaced this file with a new one.

Any idea why BizTalk gets rejected when it tries to access the server?



2 answers


We figured out a solution. The problem was access to the certificate and private key. If you replace the certificate, it is not enough to install it. Why? Because it will only be installed under the current user.

BizTalk runs as the user BizTalkSVC, and this account did not have permission to access the certificate.

Once it was granted permission, it ran like a charm!

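One way to check and repair the permission problem described in the answer above, as an added example that is not part of the original thread: it locates the private key file behind a certificate in the machine store, lists who can read it, and grants read access to the service account only if it is missing. It assumes the new certificate is installed in `LocalMachine\My`, that the key is RSA, and that the script runs elevated; the thumbprint and the `DOMAIN\` prefix are placeholders.

```powershell
param(
    [string]$Thumbprint = '<CERT-THUMBPRINT>',   # placeholder: thumbprint of the new certificate
    [string]$Account    = 'DOMAIN\BizTalkSVC'    # account name from the answer; domain prefix is assumed
)

# Resolve the on-disk key file for a machine-store certificate (CNG or legacy CSP key).
function Get-PrivateKeyFile {
    param([System.Security.Cryptography.X509Certificates.X509Certificate2]$Cert)
    $rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPrivateKey($Cert)
    if ($rsa -is [System.Security.Cryptography.RSACng]) {
        $name = $rsa.Key.UniqueName
    } else {
        $name = $rsa.CspKeyContainerInfo.UniqueKeyContainerName
    }
    # Machine keys live in one of these two directories depending on the provider.
    $dirs = "$env:ProgramData\Microsoft\Crypto\Keys",
            "$env:ProgramData\Microsoft\Crypto\RSA\MachineKeys"
    $dirs | ForEach-Object { Join-Path $_ $name } |
        Where-Object { Test-Path $_ } | Select-Object -First 1
}

$cert = Get-ChildItem Cert:\LocalMachine\My | Where-Object { $_.Thumbprint -eq $Thumbprint }
if (-not $cert) { throw "Certificate not found in LocalMachine\My (installed under CurrentUser only?)" }
if (-not $cert.HasPrivateKey) { throw "Certificate has no private key attached" }

$keyFile = Get-PrivateKeyFile $cert
if (-not $keyFile) { throw "Private key file not found on disk" }

# Show the current ACL so the change can be reviewed before and after.
$acl = Get-Acl -Path $keyFile
$acl.Access | Format-Table IdentityReference, FileSystemRights, AccessControlType

$read = [System.Security.AccessControl.FileSystemRights]::Read
$hasRead = $acl.Access | Where-Object {
    $_.IdentityReference.Value -eq $Account -and
    $_.AccessControlType -eq 'Allow' -and
    (($_.FileSystemRights -band $read) -eq $read)
}

if (-not $hasRead) {
    # Grant read only: the service needs to use the key, not modify or delete it.
    $rule = New-Object System.Security.AccessControl.FileSystemAccessRule($Account, 'Read', 'Allow')
    $acl.AddAccessRule($rule)
    Set-Acl -Path $keyFile -AclObject $acl
    Write-Output "Granted Read on $keyFile to $Account"
} else {
    Write-Output "$Account already has Read on $keyFile"
}
```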


Can BizTalk cache your certificate?


