HTTP 407.3 forbidden errors with PartnerAuthenticator

[chappoo]

I've been trying to get our API working using partner oauth and have had no success; getting continual forbidden errors.

HTTP Error 403.7 - Forbidden
The page you are attempting to access requires your browser to have a Secure Sockets Layer (SSL) client certificate that the Web server recognizes.

I've read that partner oauth should now be working, here's the code I'm using:

        var partner_app_api = new XeroCoreApi("https://api-partner.network.xero.com", new PartnerAuthenticator("https://api-partner.network.xero.com",
                    "https://api.xero.com", "oob", new MemoryTokenStore(),
                    @"Z:\Steve\SparkleShare\public_privatekey.pfx",
                    @"Z:\Steve\SparkleShare\entrust.p12",
                    "password for entrust cert"),
                     new Consumer("key", "secret"), user,
                     new DefaultMapper(), new DefaultMapper());

        var partner_contacts = partner_app_api.Contacts.Find().ToList();
        partner_contacts.PrintDump();

To be honest, I get a bit confused with the documentation around the certificates and what they're 'called', but the above certificates are:

Z:\Steve\SparkleShare\public_privatekey.pfx = the one created here http://developer.xero.com/documentation/advanced-docs/public-private-keypair/

Z:\Steve\SparkleShare\entrust.p12 = the one I downloaded from entrust

All the details in 'My Applications' look to be setup correctly, and the public cert is a valid one generated using public_privatekey.pfx.

[mjava1]

Hi, this code looks ok, looks to be a SSL certificate issue (entrust cert) have you got the cert (.p12) installed into the Trusted Root Certification Authorities store ?

[chappoo]

Hi,

I didn't know it was a pre-req of the .NET wrapper to install the entrust cert in the TRCA store; thought it was stand-alone and handled by the .NET framework signing. I'll try installing and get back to you.

Thanks

[ronanq]

Github isn't the best place to ask - if you need help implementing, please post in our developer community: https://community.xero.com/developer/

That site is patrolled by Xero API support staff as well as members of the dev team.
We use Github issues only for wrapper library improvements.

Please also ensure you have read and followed the steps in this guide before you post anything: http://developer.xero.com/documentation/advanced-docs/using-partner-applications-with-iis/

Quick tip for @chappoo - don't try to reference certs off a shared disk :)

[chappoo]

@ronanq Thanks for the tip :) I was more looking for direct guidance on correct usage of the .NET wrapper which is why this issue exists. I've contacted dev community as well. Regards.