You receive an "HTTP Error 403:Forbidden" error while you work in ASP.NET Web Application projects with SSL enabled

View products that this article applies to.

SYMPTOMS

You may receive a similar error in the following cases:

When you create a Microsoft ASP.NET Web application in Microsoft Visual Studio .NET and you set up Secure Sockets Layer (SSL) certificate authentication on the ASP.NET Web application project, you may receive the error message when you try to reopen the ASP.NET Web application project in Visual Studio IDE:
Unable to open Web project 'AspwebApp1'. The file path 'C:\Inetpub\wwwroot\AspwebApp1' does not correspond to the URL 'http://Localhost:/AspwebApp1'. The two need to map to the same server location. HTTP Error 403: Forbidden

-or-
You have created a virtual directory where you will create an ASP.NET application. You enable SSL authentication in Internet Information Services (IIS) for the project that is created in the folder. When you try to create a new Web application project with the virtual directory name, you may receive the following error:
Unable to create Web project 'AspwebApp2'. The file path 'C\Inetpub\wwwroor\AspwebApp2\ does not correspond to the URL 'http://localhost/AspwebApp2'. The two need to map to the same server location. HTTP Error 403:Forbidden

Back to the top

WORKAROUND

To work around the problem, use an https URL instead of http when you open or you create a new project.

To do this, follow these steps:

Back to the top

Open an Existing ASP.NET Project After the SSL Option Is Enabled

When you enable the existing ASP.NET project with SSL, replace the value of the URLPath attribute in the webinfo file from http to https. To do this, follow these steps:

Locate the project folder (C:\inetpub\wwwroot\AspWebTest1).
Open the AspWebTest.csproj.webinfo file or the AspWebTest.vbproj.webinfo file in Notepad.
Replace the value of the URLPath attribute with https as follows:
<VisualStudioUNCWeb> <Web URLPath ="https://ServerName/AspWebTest1/AspWebTest1.csproj" /> </VisualStudioUNCWeb>
Note You should replace ServerName with the domain name of the server. This is the name the certificate is issued to. If there is a mismatch, you will receive the following error message:

The hostname in the certificate is invalid or does not match
Save and then close the AspWebTest.csproj.webinfo file.
Open the AspWebTest1 project in Visual Studio .NET.

Back to the top

Create a New ASP.NET Project in SSL Enabled Virtual Directory

Create a virtual directory with SSL enabled, and then open the new Web project with an https URL. To do this, follow these steps:

Start Visual Studio .NET.
On the File menu, point to New, and then click Project.
Select Visual C# Project or Visual Basic Project under Project Types.
Select ASP.NET Web Application.
In the Location box, type https://localhost/AspWebTest2.
To create the project, click OK.

Back to the top

STATUS

This behavior is by design.

Back to the top

MORE INFORMATION

Steps to Reproduce the Behavior

Open an Existing ASP.NET Project with SSL enabled

To create an ASP.NET Web application, follow these steps:
1. Start Visual Studio .NET.
2. Create a new ASP.NET Web application in Visual C# .NET or in Visual Basic .NET, and then name the file AspWebTest1.
3. On the Build menu, click Build Solution.
4. Close the Visual Studio IDE.
To set up an SSL server certificate, follow these steps:

For additional information about how to install a server certificate, click the following article number to view the article in the Microsoft Knowledge Base:
315588 (http://support.microsoft.com/kb/315588/ ) How to secure an ASP.NET application using client-side certificates
To open the ASP.NET Web application Project, follow these steps:
1. Start Visual Studio .NET.
2. On the File menu, point to Open, and then click Project.
3. Locate the %windir%\inetpub\wwwroot\AspWebTest1 folder.
4. Select the AspWebTest1.csproj file or the AspWebTest1.vbproj file.
5. Click Open. You may notice the error that is described in the "Symptoms" section of this article.

Create a New ASP.NET Project in SSL-Enabled Virtual Directory

To create a Virtual directory, follow these steps:
1. At the command prompt, locate %windir%\inetpub\wwwroot, and then create a folder that is named AspWebTest2. C:\inetpub\wwwroot\AspWebTest2 is created.
2. Right-click C:\inetpub\wwwroot\AspWebTest2, and then click Properties. By default, the Properties window appears.
3. Click the WebSharing tab. By default, Default Web Site is selected in the ShareOn box.
4. Click to select the Share this folder check box, and then click OK.
5. In the Edit Alias window, click OK.
6. In the Property window, click OK.
To set the SSL security setting in IIS, follow these steps:
1. Click Start, point to Programs, point to Administrative Tools, and then click Internet Services Manager.
2. Expand your server, and then click Default Web Site.
3. On the Action menu, click Properties.
4. On the Directory Security tab, click Edit under Secure communications.
5. Click to select the Require secure channel (SSL) check box, and then click OK.
To create a new Web Project, follow these steps:
1. Start Visual Studio .NET.
2. On theFile menu, point to New, and then click Project.
3. Select Visual C# Project or Visual Basic Projects under Project Types.
4. Select ASP.NET Web Application.
5. In the Location box, type http://localhost/AspWebTest2.
6. Click OK. You may notice the error that is described in the "Symptoms" section of this article.

Back to the top

REFERENCES

For additional information, click the following article numbers to view the articles in the Microsoft Knowledge Base:

315588 (http://support.microsoft.com/kb/315588/ ) How to secure an ASP.NET application using client-side certificates

298805 (http://support.microsoft.com/kb/298805/ ) How to enable SSL for all customers who interact with your Web site in Internet Information Services

Back to the top