I'm getting 403.13 in IIS logs, when I'm trying to access my api using the created certificate(sha1). Further I tested the same certificate in other test environment it works treat and I get the the XML from the api without any issue.
Certificate pfx is installed in Certificate store and in the browser I'm using Windows 2008 R2. Certificate is not been revoked but this issue really made me baffled. I'm new into this, however I think I covered everything interms of my investigation(firewall rules and antivirus and everything) and as its working in other test env and not in the uat, its really leave me no choice apart asking for help. Not sure what to look at, appreciate if anybody shed some light or give us pointers to investigate.
Ta Shoaib
Check if CRLs in certificate chain of client certificate are reachable by the server. Chain has to be build on server side so check if you have all certificates in corresponding stores (root, intermediate ...). certutil command might help you with it.