Microsoft KB Archive/942067

= Error message when you try to run a Web application that is hosted on a server that is running IIS 7.0: &quot;HTTP Error 403.7 - Forbidden&quot; =

Article ID: 942067

Article Last Modified on 10/2/2007

-

APPLIES TO


 * Microsoft Internet Information Services 7.0

-



SYMPTOMS
When you try to run a Web application that is hosted on a server that is running Internet Information Services (IIS) 7.0, you may receive the following error message:

Server Error in Application &quot; &quot;

HTTP Error 403.7 - Forbidden

HRESULT: 0x80070005

Description of HRESULT The page you are attempting to access requires your browser to have a Secure Sockets Layer (SSL) client certificate that the Web server recognizes.



CAUSE
This problem occurs because the Require SSL option is selected. This option appears on the SSL Settings page of Internet Information Services (IIS) Manager. When this option is selected, all requests that client computers make to the Web application must use a Secure Sockets Layer (SSL) connection.

Additionally, the Require option of the &quot;Client certificates&quot; feature is selected. This option also appears on the SSL Settings page of IIS Manager. When this option is selected, all client computers that send requests to the server that is running IIS must have valid client certificates.



RESOLUTION
To resolve this problem, use one of the following methods.

Method 1
Configure a client certificate on the client computer. The client certificate is issued by a certification authority that is trusted by the server that is running IIS.

For more information about how to configure a client certificate, visit the following Web site:

http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/096519f4-3079-4571-9d28-8e5d286c5ab9.mspx

Method 2
If you do not require that users have client certificates to run the Web application, use the Accept option instead of the Require option of the &quot;Client certificates&quot; feature. You can change this setting on the SSL Settings page for the Web application in IIS Manager. To do this, follow these steps:
 * 1) On the computer that is running IIS 7.0, click Start, type inetmgr in the Start Search box, right-click Inetmgr in the Programs list, and then click Run as administrator.

If you are prompted for an administrator password or for a confirmation, type your password, or click Continue.
 * 1) In IIS Manager, locate the Web application for which you want to change the SSL setting.
 * 2) In Features View, double-click SSL Settings.
 * 3) On the SSL Settings page, select the Accept option under Client certificates.
 * 4) In the Actions pane, click Apply.

Keywords: kbexpertiseadvanced kbtshoot kbprb KB942067

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.