Get the .NET TU example to run on a test server with a production certificate

 

​​​Preconditions

Company / developer have a Production VOCES certificate.
If PID/CPR service is needed: PID/CPR access granted and SPID obtained.
Same preconditions as the previous step Get the .NET TU-Example to run on a test setup on a test server still applies.

 

Walkthrough

 

 1. Verify the certificate chain is installed
From the Run menu in Windows Server, type in: MMC.
Add snap-in and choose Certificates for Computer account.

1.jpg 

Verify the highlighted certificates are installed.
If not, install them from Certificate chain.
See earlier step Get the .Net TU-example to run on a test server for help on how to do this.
 
2. Start the IIS Manager

 2.jpg

    

3. Change certificate path in app.config & web.config
Change the certificate path in web.config and app.config to the location where the test certificates will be located on the test server.
For example C:\inetpub\certs\DanIDTestTU.pfx.

Note that this certificate file should be in the .pfx file extension.
 
4. Verify publish settings
Verify that the publish settings are as follows Project –> Package/publish settings.

3.jpg 

    

5. Publish project
Publish the TU-example project (on the local development client).
Right click on TU example project and choose Publish.

4.jpg 

Copy content from the Publish folder to the test server, and keep it for the next step.
 
6. Go to test server
Remove the default website from IIS Manager.
Copy the published project to the folder : C:\inetpub\wwwroot.
Add new website.

5.jpg 

Stop the IIS Server.
 
7. Configure application pool on IIS server
Select application pool for tuexample in the IIS Manager.

6.jpg 

Right click and choose Advanced Settings.

Set the Load User Profile to True.

7.jpg 

    

8. Startup application

Startup application by typing http://localhost/ in Internet Explorer and choose Variant 1 (Login med en-gangsnøgle).

This will fail as the App pool user has no priviliges to access the websites database file.
This failed request will however create the App pool user and allow us to grant access rights for the newly created user.
 
9. Grant access to App data files
Grant full access to app data files (database file log file) for App Pool user.
This can be done by doing the icacls command from a DOS prompt.
8.jpg

Paste it from here:
icals App_Data\ASPNETDB.MDF /grant tuexample:(F)
icals App_Data\aspnetdb_log.LDF /grant tuexample:(F)

Grant full access to certificate file for App Pool user.

9.jpg 

icals certs\DanIDTestTU.pfx /grant tuexample:(F)
 
10. Start the IIS server again 

  
11. Test the TU-example
Test the TU example again to verify that it works by inserting the URL: http://localhost/ into a browser.
If you have specified a default html file in your project, this must be added as well: http://localhost/Default.aspx
 
12. Running the TU example with your own production certificate
Now you are done with the test part of the release, and ready to deploy a version with your production certificate.