Err. Msg.: Access Forbidden During Certificate Creation

 Last reviewed: November 13, 1997
Article ID: Q171119

The information in this article applies to:

  • Microsoft Internet Information Server version 3.0

SYMPTOMS

When you try to process a Certificate Request file through the sample Certificate Server web site (Krenroll.asp), you may get the following error message: 

   HTTP/1.1 403 Access Forbidden

   Execute Access Denied

   This Virtual Directory does not allow objects to be executed.

CAUSE

The script mapping for the .Cer extension is not marked as Execute (including script).

RESOLUTION

Use one of the following workarounds:

I. Reapply the script mapping for the .Cer extension.

Within the Microsoft Management Console

  1. Select the plus sign beside IIS under the Console Root.

  2. Select the plus sign beside the appropriate Web Server.

  3. Right-click the appropriate web site, and click Properties on the shortcut menu.

  4. In the web site properties, select the Home Directory tab.

  5. Click Configure under the Application Settings tab.

  6. Under the Application Mappings section, select the .Cer extension. Click Edit.

  7. In the Add/Edit Application Extension Mapping dialog box, make sure the Script Engine check box is selected.

II. Mark the Virtual Directory as "Execute."

Within the Microsoft Management Console

  1. Select the plus sign beside IIS under the Console Root.

  2. Select the plus sign beside the appropriate Web Server.

  3. Right-click the appropriate Virtual Directory or Web Site, and select Properties on the shortcut menu.

  4. In the Properties Sheet, click the Virtual Directory tab.

  5. Under the Permissions section, ensure that the Execute (including script) button is selected.

  6. Close the appropriate dialog boxes and exit the Microsoft Management Console.

MORE INFORMATION

During setup, the .Cer extension is not configured properly. When you change the Permissions to Execute, it forces the appropriate behavior. However, editing the .Cer extension is the most appropriate solution. 

Keywords          : iissecurity kberrmsg
Version           : WinNT:3.0
Platform          : winnt
Hardware          : ALPHA x86
Issue type        : kbprb
Solution Type     : kbworkaround

================================================================================

THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.

Last reviewed: November 13, 1997
© 1998 Microsoft Corporation. All rights reserved. Terms of Use.