3
votes

I want to use MPNS in my windows phone app and we are going to authenticate the webservice which is sending the push to clients.

I have the done the all steps that are needed for MPNS authentication.

  1. Uploaded the certificates on my WindowsPhone dev dashboard.
  2. Created the channel name with the common name of my certificates
  3. Getting the return URI with https:// thats mean my push channel is authenticated
  4. Adding certificates to my WebRequest header

But when I am going to send push message and send webrequest but I am getting "The remote server returned an error: (403) Forbidden." response. I have read that I am doing something wrong with my request and not adding certificate properly.

Here is my code for Request Header

X509Certificate2 Cert = new X509Certificate2(Server.MapPath("Certs/abc.crt"), "password"); request.ClientCertificates.Add(Cert);

We have verisign ssl and i am testing this from my visual studio IIS. Its not hosted on any server right now and even not configured in IIS and no SSL configured for IIS.

Is that the issue or something else.

1

1 Answers

0
votes

There's no unique answer for your problem.

However, when you add a client certificate to your request you only add the public key to it. The server will then respond with a challenge signed with your public key (see client certificate authentication) and you need to decipher and respond to it with your private key. If this authentication process fails, you will get a 403 forbidden.

Therefore, you must ensure that the .pfx/.p12 (containing your private key, public certificate, intermediate CA and Root CA certificates) is imported to your local machine certificate store and that your IIS server has access to it.

Because there are so many variables related to Windows, you can use Curl instead for testing purposes. Note that you must convert your .pfx/.p12 to .pem first (use openssl).

curl --cert P:\cert.pem:PASSWORD -v -H "Content-Type:text/xml" -H "X-WindowsPhone-Target:To
ast" -H "X-NotificationClass:2" -X POST -d "<?xml version='1.0' encoding='utf-8'
?><wp:Notification xmlns:wp='WPNotification'><wp:Toast><wp:Text1>My title</wp:Te
xt1><wp:Text2>My subtitle</wp:Text2></wp:Toast></wp:Notification>" https://am3.n
otify.live.net/unthrottledthirdparty/01.00/push_uri_here

Once you get that working, you may face the same problem as me: some notifications are being sent correctly and some others are rejected with a 403 forbidden for no apparent reason. See this thread:

http://social.msdn.microsoft.com/Forums/sharepoint/en-US/383617ab-eafe-45fb-92cc-5e4b25a50e7f/authenticated-push-notifications-failing-randomly-403-forbidden?forum=wpnotifications

and the same here:

https://stackguides.com/questions/23805883/windows-phone-authenticated-push-notifications-failing-randomly-403-forbidden