Sunday, February 19, 2012

TLSException While Deploying UCMA 3.0 Application On IIS

Remote Deployment of UCMA 3.0  application on to Microsoft IIS:


If You are deploying UCMA 3.0 Application on to IIS Server rather than executing from Visual Studio  .

One of the most common issues you are likely to run into in doing UCMA 3.0 development is the following exception:


Microsoft.Rtc.Internal.Sip.TLSException: CertificateInfoNative::AcquireCredentialsHandle() failed; 




Most often, it means that the process does not have permission to access the certificate you are using to authenticate for transport layer security (TLS). 


There are a number of reasons why this might happen.If you are debugging your application in Visual Studio, make sure you are running Visual Studio as an administrator. You can do this by right-clicking on Visual Studio in the start menu and choosing Run as administrator.


If it’s a console application or a Windows service you’re trying to run, make sure the account you are running it under has permission to access the private key of your certificate. Copy the certificates to Trusted Root Certification Authorities from Personal folder




For websites running in IIS, you may need to use WinHttpCertCfg.exe to grant access to the private key.


Follow the steps as stated below



1. Right-click on the newly created application and then choose "Edit Permissions" to open the Properties dialog.
2. In the Security tab, edit permissions and grant user "Everyone" read permission.
Even after above steps, if it is not working then Download the WinHttpCertCfg.exe utility




winhttpcertcfg -g -c LOCAL_MACHINE\Root -s "apphost.rtc.ca.oracle.com" -a RTC\EveryOne 


where apphost.rtc.ca.oracle.com is the hostname of the server where UCMA is going to be deployed.



C:\Program Files (x86)\Windows Resource Kits\Tools>winhttpcertcfg.exe -g -c
  LOCAL_MACHINE\Root -s "adapter.rtc.ca.oracle.com" -a RTC\Everyone
Microsoft (R) WinHTTP Certificate Configuration Tool
Copyright (C) Microsoft Corporation 2001.


Matching certificate:
CN=adapter.rtc.ca.oracle.com


Granting private key access for account:
    \Everyone



For more Information on WinHttpCertCfg.exe you can refer to the following link


http://msdn.microsoft.com/en-us/library/aa384088(VS.85).aspx


No comments:

Popular Posts