1

In SSL settings of my web site (which is a non-public ASP.NET MVC 3 app) I checked "Require SSL". For Client certificates I selected the option "Require". When a user opens my site, a browser (e.g. Chrome) asks to pick any available certificate. If the user just presses Cancel button, IIS 7.5 shows a standard error page:

HTTP Error 403.7 - Forbidden The page you are attempting to access requires your browser to have a Secure Sockets Layer (SSL) client certificate that the Web server recognizes.

I can show my custom 403.7 error page via httpErrors section in Web.config, but this static page is not sufficient for my purpose. I would like to process this error manually, analyse the reason (is the certificate chosen or it is chosen but outdated) and show for users an appropriate message about what is wrong and what to do. Can I write a module that process this error? I tried a managed module, but the error occurs before the module's initialization. Can a native module intercept this error?

Evgeni Nabokov
  • 2,421
  • 2
  • 32
  • 36
  • 1
    You can have separate error pages by substatus code. http://stackoverflow.com/questions/7168191/iis-7-0-custom-error-page-for-error-code-with-a-substatus?answertab=active#tab-top – vcsjones Sep 30 '16 at 15:28
  • @vcsjones Thank you. Somehow I missed the parameter subStatusCode. That is much better than simple 403. I am still curious about manual processing this error. – Evgeni Nabokov Sep 30 '16 at 16:39

0 Answers0