HTTP 403 (Forbidden) error.

Blog Post created by ajake01 Employee on Aug 17, 2016

I ran into a Scenario, where client was sending request to back-end via HTTPS directly via SoapUI,  avoiding the Gateway. Request goes through and comes back with response. So all GOOD. But when we go through the gateway, even though back-end will accept anonymous user, (no user and password or not certificate) it will still fail. SSL handshake will go through, but we would get 403 error. Anyway, we figured it out... The problem was, gateway was sending a certificate by default, from its private key. Back-end server took certificate from the gateway and didn't like ti for some reason. so it gave us 403 error.. so what we did, we told gateway, not to use any certificates / private keys .. just go blindly ..  so just right click the routing assertion, click "select private key" then click "use no private key , after we made a change, request went fine and we got response that we were looking for I hope this helps someone else Cheers Kemal