Tuesday, June 5, 2018

Dynamics 365 SSL Certificates Expire (HTTP 500)


I had a major issue today with my Impark local development environment. Whenever I tried to start an instance, I kept getting an HTTP 500 (Internal Server Error). Checking HTTP 500 with D365 got me nowhere. I finally looked in my Event Viewer and found a number of errors related to expired certificates.



Exception information:

    Exception type: ExpiredCertificateException

    Exception message: Expired certificate for id '61EF4024783735137DBA51E341E36A0AE6A89497'.



Checking that, I was able to find that the SSL certificates used by D365 had expired. It appears that the copy of my installation is a year old. Checking further, I was able to find a way to renew the certificates.

Search for and open Manage Computer Certificates.






Select Personal -> Certificates. Look for the DeploymentOneBox entries.


 

For each, double-click and go to Details -> Thumbprint.


 

Copy and paste the thumbprint into Notepad. Put each entry on a separate line. When finished, remove all spaces (replace each space with nothing). Once you have all 4 thumbprints, you can create a PowerShell script. At the top of the file, put:

Set-Location -Path "cert:\LocalMachine\My"



Then, for each thumbprint, create the following 2 lines:

$OldCert = (Get-ChildItem -Path 2e10fea6fcd1a23d0ba5dfefe5ce2eb3d8915f1a)

New-SelfSignedCertificate -CloneCert $OldCert -NotAfter (Get-Date).AddMonths(999)



Where the long number is the Thumbprint.



The full script should look like:



Set-Location -Path "cert:\LocalMachine\My"

$OldCert = (Get-ChildItem -Path 2e10fea6fcd1a23d0ba5dfefe5ce2eb3d8915f1a)

New-SelfSignedCertificate -CloneCert $OldCert -NotAfter (Get-Date).AddMonths(999)

$OldCert = (Get-ChildItem -Path 61ef4024783735137dba51e341e36a0ae6a89497)

New-SelfSignedCertificate -CloneCert $OldCert -NotAfter (Get-Date).AddMonths(999)

$OldCert = (Get-ChildItem -Path 3591d2eb68e980666190fe2b4c7f2abf14e55871)

New-SelfSignedCertificate -CloneCert $OldCert -NotAfter (Get-Date).AddMonths(999)

$OldCert = (Get-ChildItem -Path cc5ba410b7fbb04249020b181fdad0fcf999698a)

New-SelfSignedCertificate -CloneCert $OldCert -NotAfter (Get-Date).AddMonths(999)





You can run the pairs one at a time or all together. After each pair, you will get some output that includes the new certificate's thumbprint. Copy and paste the new thumbprint under the entry for the old one. Your file should now look like:



Set-Location -Path "cert:\LocalMachine\My"

$OldCert = (Get-ChildItem -Path 2e10fea6fcd1a23d0ba5dfefe5ce2eb3d8915f1a)

New-SelfSignedCertificate -CloneCert $OldCert -NotAfter (Get-Date).AddMonths(999)

B977B19D03EDB88B4D5CD647DFA839D3E4AEBA23

$OldCert = (Get-ChildItem -Path 61ef4024783735137dba51e341e36a0ae6a89497)

New-SelfSignedCertificate -CloneCert $OldCert -NotAfter (Get-Date).AddMonths(999)

47CF0D5220C9457ABEFB53AF026600ED24A00584

$OldCert = (Get-ChildItem -Path 3591d2eb68e980666190fe2b4c7f2abf14e55871)

New-SelfSignedCertificate -CloneCert $OldCert -NotAfter (Get-Date).AddMonths(999)

1F710D2AE32F0202499C586F3A1B8B3A6FE1EC7A

$OldCert = (Get-ChildItem -Path cc5ba410b7fbb04249020b181fdad0fcf999698a)

New-SelfSignedCertificate -CloneCert $OldCert -NotAfter (Get-Date).AddMonths(999)

9256AC02204C006D47AC10D1DD51DC27DF3B2A6F



Where the number under each pair is the new thumbprint. Now in Visual Studio, open web.config, wif.config and wif.services.config in <D365 Install Drive>:\AOSService\webroot (for example, C:\AOSService\webroot). Once open, do a global replace in files of each old thumbprint with its new thumbprint. Save the files with a .config.new extension. Open File Explorer and navigate to the webroot directory. Rename the existing config files by adding the extension .old or .bak. Remove the .new extension from the 3 new files (this can't be done in Visual Studio owing to permission issues). Once complete, reboot and you should be working again.
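
The whole procedure above (clone each expired certificate, note old and new thumbprints, back up the three config files, replace the thumbprints) can be done in one pass. The script below is an added example, not the original post's script. It assumes the text DeploymentOneBox appears in each certificate's Subject and that the webroot is at C:\AOSService\webroot; both are parameters you can change.

```powershell
# Added example (not the post's script). Run from an elevated PowerShell prompt.
param(
    [string]$WebRoot     = 'C:\AOSService\webroot',  # path from the post; adjust the drive letter
    [string]$NamePattern = '*DeploymentOneBox*',     # assumption: this text appears in the Subject
    [int]   $ValidMonths = 999                       # same lifetime the post uses
)
$ErrorActionPreference = 'Stop'
$store = 'Cert:\LocalMachine\My'
$now   = Get-Date

# 1. Clone every expired matching certificate and record old -> new thumbprint.
$map = @{}
$expired = Get-ChildItem -Path $store |
    Where-Object { $_.Subject -like $NamePattern -and $_.NotAfter -lt $now }
foreach ($old in $expired) {
    $new = New-SelfSignedCertificate -CloneCert $old -CertStoreLocation $store -NotAfter $now.AddMonths($ValidMonths)
    $map[$old.Thumbprint] = $new.Thumbprint
    Write-Host ("{0} -> {1}  {2}" -f $old.Thumbprint, $new.Thumbprint, $old.Subject)
}
if ($map.Count -eq 0) { Write-Warning 'No expired matching certificates found.'; return }

# 2. Back up each config file once, then replace the thumbprints in place.
foreach ($name in 'web.config', 'wif.config', 'wif.services.config') {
    $file = Join-Path $WebRoot $name
    if (-not (Test-Path "$file.bak")) { Copy-Item -Path $file -Destination "$file.bak" }

    # Read with BOM detection and remember the encoding so the rewrite keeps it.
    $reader = New-Object System.IO.StreamReader($file, $true)
    try { $text = $reader.ReadToEnd(); $enc = $reader.CurrentEncoding } finally { $reader.Dispose() }

    $hits = 0
    foreach ($oldThumb in $map.Keys) {
        # Thumbprints are plain hex, so they are safe as a regex; -ireplace ignores case.
        $hits += [regex]::Matches($text, $oldThumb, 'IgnoreCase').Count
        $text  = $text -ireplace $oldThumb, $map[$oldThumb]
    }
    if ($hits -gt 0) { [System.IO.File]::WriteAllText($file, $text, $enc) }
    Write-Host ("{0}: {1} thumbprint reference(s) updated" -f $name, $hits)
}
```

The expired certificates are left in the store, and the original config files remain beside the edited ones as .bak copies. Reboot afterwards as described above.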
