Xero - beautiful accounting software

Xero Developer Help Center

Xero Developer Community

Community > API Authentication >

403 Forbidden when loading X509Certificate2 from a file

Started by Phil Bernie -   in API Authentication

We're trying to get our application to work with the Partner Authorisation process however we're having a few issues.

We are currently hosting our application on appharbor and as such, we can't install the client certificates on the server so we need to read them from a file, similar to the console application in the Xero Sample application.

I've modified the PartnerApplicationRunner class to user our consumer key and certificates but I get an error every time I try and call GetRequestToken()

I've modified the PartnerApplicationRunner to look like this:

private const string UserAgent = "USER_AGENT";
private const string ConsumerKey = "OUR_CONSUMER_KEY";

//This is the public certificate I uploaded in our application
private static readonly X509Certificate2 OAuthCertificate = new X509Certificate2(@"C:\Certs\certfile.pfx");

//This is the certificate I downloaded from the entrust site via firefox
private static readonly X509Certificate2 ClientSslCertificate = new X509Certificate2(@"C:\Certs\XeroEntrustCert.p12", "password");

Then, in the CreateRepository() method, I can create a new XeroApiPartnerSession without issue, but then when I try and call:

IToken requestToken = consumerSession.GetRequestToken();

It always throws a 403 forbidden exception.

Some other notes:

- I can see that the consumerSession.ConsumerContext has populated both the Key and PrivateKey values correctly

- When I step through and check the ICertificateFactory I can see that it's returning the XeroEntrust certificate

- If I step through to the DefaultConsumerRequestRunner and inspect the webRequest I can see that the ClientCertificates collection has the XeroEntrust certificate in there.

As far as I can tell, everything is being populated properly but I still seem to be getting a 403 forbidden every time I try and make a request.

Any information on why this is happening or what I might be able to try to rectify this problem would be greatly appreciated.
Official Xero Reply
Xero will begin to deprecate Entrust Certificates for Xero Partner Apps in 2017

http://developer.xero.com/documentation/advanced-docs/entrust-certificate-deprecation/
 

Sidney Maestre (Community Manager)