If the Web server rejects requests from the Java client with the status 403 (access denied), this can be due to incorrect entries in the TREXcert.iniconfiguration file. Below is a description of how to check the determined data using the Windows Event Viewer and correct the TREXcert.ini configuration file.
Prerequisite
You have configured secure communication (using HTTPS) between theTREX Web server and the TREX name server.
Procedure
[TRACE]
tracelevel=2
Two events are created for each request. One event contains information for the owner of the client certificate, and the other contains information for the issuer.
The Description field can contain the following text:
The description of Event ID ( 1 ) in Source ( SAP TREXHttpServer for ISAPI ) cannot be found. The local computer may not have the necessary registry information or message DLL files to display messages from a remote computer. The following information is part of the event:E=myaccount@mydomain, C=mycountry, S=mystate, L=mycity, O=mycompany, OU=mydepartment, CN=myhost.mydomain
If this is the case, select the following information:
E=myaccount@mydomain, C=mycountry, S=mystate, L=mycity, O=mycompany, OU=mydepartment, CN=myhost.mydomain
[WEBSERVERCERTIFICATE1]
subject=E=myaccount@mydomain, C=mycountry, S=mystate, L=mycity, O=mycompany, OU=mydepartment, CN=myhost.mydomain
issuer=E=caaccount@cacompany.com, C=CA Country, S=CA State, L=CA City, O=CA Company, OU=Certificate Center, CN=My Certificate Authority (CA)
The request should now be sent successfully to the Web server. If problems still occur, contact TREX support.