Try Microsoft Edge
A fast and secure browser that's designed for Windows 10
Has anyone been able to successfully change the URL on the AX7 VM from the default:
to say, https://localhost or something to that effect? I was trying to change via web.config but getting this error:
"The reply address 'https://localhost/' does not match the reply addresses configured for the application..."
Is this an AAD error?
Why would you want to change it? It is not an AAD error, but a misconfiguration.
@zibi99 did you get the soluion?
I am trying the same, but no luck.
I download offline D365 VM and want to expose it to internet for POC purpose.
It works only with 'd365.cloud.onebox.dynamics.com'
But when i am trying to open with https://localhost/ OR https://<ipaddress> it wont work and gives me generic below error.
"AADSTS50011: The reply address 'https://172.xx.xx.xx/' does not match the reply addresses configured for the application"
1.Added below redirect entry in web.config and same has been updated in Azure portal also
<add key="ida.PostLogoutRedirectUri" value="d365.cloud.onebox.dynamics.com" />
2.My domain name is different and even i created host A record (winhypvmtest.domainname.com) for the same.
3. Tried all the binding possibilities.
4.Even trying to rename entire URL but not succeed yet ?
Kindly help i am getting lost day by day.
if someone can figure it out, would be great help for testing with a local DEV VM!
None of the other addresses will work - as IIS setup prevents this. You can change the address... however it requires few steps to achieve it. Have a look at below screen:
As you can see... IIS website uses hostname. So you must use exactly the same url in your browser to be properly redirected to the D365 website. Additionally it uses HTTPS protocol so you must have a valid certificate. That's why you can't use localhost. In order to make it work you need to do the following:
1. Issue the certificate from valid certification authority
2. Trust the certificate and issuer (certmgr.exe)
3. Make some changes in website web.config file (mainly certificate thumbprints for issuer certificate and issued ceritificate - you can easily find places by searching current entries for thumbprint of *.cloud.onebox.dynamics.com certificate)
4. Replace the host name with the name you choose
5. Choose newly issued certificate
It's not easy process... however it's doable :).
That's cool! Sebastian
I will try to generate a new certificate from the IIS, and chnage the thumbprint in website web.config file.
thank you alot letting me know it's doable!
After lots of efforts (Importing new certificated/change in thumbprints at web.config, wif.config and wif.service) i am able to rename the default URL to required one and successfully working for me.
Thanks for comments, which gives me a way out.
Could you please help me out on the configuration file edting. I am trying to change the URL.
Please follow the below steps , hope so it should work for you as well.
Keep eye on application event viewer logs if something went wrong that will help you to rectify.
(https://www.sslsupportdesk.com/export-ssl-certificate-private-key-pfx-using-mmc-windows/) Store certificate in Computer account.
Give Friendly name of Certificate e.g host.mydomain.com
Import through IIS > Server Certificate > and Bind with AOSService Site.
Map Friendly name of Certificate e.g host.mydomain.com
Map new Certificate with AOSService.
below files needs to be configured with new thumbprint
IMP : Change new created certificates thumbprint with UPPERCASE.
<add key="Infrastructure.CsuClientCertThumbprint" value=" REPLACE WITH EXISTING *CLOUD.ONEBOX.DYNAMICS CERTIFICATE THUMBPRINT TO NEW CERTIFICATE THUMBPRINT” />
REPLACE WITH EXISTING *CLOUD.ONEBOX.DYNAMICS CERTIFICATE THUMBPRINT TO NEW CERTIFICATE THUMBPRINT
<add thumbprint="CHAGNE THIS TO NEW CERTIFICATE THUMBPRINT" />
<add name="CN=*.ENTER FRIENDLY NAME OF CERTIFICATE" />
<add thumbprint="3FF129E9D504812A1FEA0E6AE748F3D78AF2119C" />
<add name="CN=DeploymentsOnebox.DaxRunnerTokenUserCertificate.pfx" />
<wsFederation passiveRedirectEnabled="true" issuer="login.windows.net/.../wsfed" realm="spn:00000015-0000-0000-c000-000000000000" reply="https://FRIENDLY NAME IN FQDN/" requireHttps="true" />
<cookieHandler requireSsl="true" domain=" FRIENDLY NAME IN FQDN " path="/" />
cmd> iisreset /stop
Best of Luck.
It didnt work. It seems mismatch address in security certificates (it show in the browser, wiht error 500). I am using godaddy wildcard certicate instead of self-signed certicate.
can you assist me on this.
pls share application event logs
The remote certificate CN=*.dnetsoft.com, O=Dynamic Netsoft Technologies Private Limited, L=Chennai, S=Tamil Nadu, C=IN has and invalid name or does not match the host usnconeboxax1aos.cloud.onebox.dynamics.com Machine: D365-TRIALVM
Can i share the 3 files i did configure. How can i attach the files to you.
share at dipak_jagdhane (AT) hotmail (DOT) com
Received the following exception when contacting the AX Metadata Service possibly due to expired token. Attempted to retry the operation 5 times with no success. Could not establish trust relationship for the SSL/TLS secure channel with authority 'usnconeboxax1aos.cloud.onebox.dynamics.com'.
So you say it works with this url: .
I guess then it works also with my-test2, my-test3 and so on? And you can setup your DNS soo that each of these urls map to different onebox.
Why would you then need to change the url in the onebox (which is what this thread is about)?
To me it looks you already have the solution for connecting your third party app with multiple oneboxes.
Business Applications communities