Windows user profile seems to be blocking certificate auth on webservice calls

Question

I have a Delphi app that's running on Windows Server 2003. The app communicates with a webservice on another server that is protected by a Cisco ACE XML Gateway requiring a certificate for client authentication. When I run my app as a local administrator on the box I have no problems connecting to the webservice. When I run it as a member of a different group policy that has less rights than local administrator I get the error: "An error occurred in the secure channel support - [endpoint - soapaction]"

I know the user can connect to the ACE because if I have it provide the wrong cert, I get a 'Forbidden' message back.

Does anyone know of any user/group policy rights in Windows that could cause this? I'd really appreciate any help.

Thanks, Nathan

Answer 1

sounds like an access issue, to perhaps the windows temp directory, or rsabase.dll.

i suggest you use procmon to monitor the process, and see if access is denied to a resource.

Answer 2

It turns out it was a user privilege issue. I was able to run winhttpcertcfg to grant access to the cert to the set of domain users I wanted, and my calls now go through successfully.