web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Blogs / Dynamics 365 Finance and Operations Blog / Renew Dynamics 365 for Fina...

Renew Dynamics 365 for Finance and Operations Certificate on Dev Machine

Views (230)
Dynamics 365 Cloud Blogs Profile Picture Dynamics 365 Cloud ... 180

This was a internal request from support team to quickly fix the certificate expire issue. I would like to post it here in case you need it. Please note this should only apply to your Dev VHD, and strongly recommand you create a checkpoint before proceed.

Symptom:

You will get error 503 when trying to access local URLhttps://usnconeboxax1aos.cloud.onebox.dynamics.com/

Check in Computer Certificates, you will see Certifcates started with DeploymentsOnebox expired.

Workaround:

One script for all steps(renew certificate,grant permission, replace in config, reset iis and batch)

Function Update-Thumberprint

{

Set-Location -Path “cert:\LocalMachine\My”

$oldCerts = Get-childitem | where { $_.subject -match “DeploymentsOnebox” -or $_.Subject -match “MicrosoftDynamicsAXDSCEncryptionCert”}

$ConfigFiles =

@(“C:\AOSService\webroot\web.config”,

“C:\AOSService\webroot\wif.config”,

“C:\AOSService\webroot\wif.services.config”,

“C:\FinancialReporting\Server\ApplicationService\web.config”,

“C:\RetailServer\webroot\web.config”

)

foreach ($oldCert in $oldCerts)

{

$newCert = New-SelfSignedCertificate -CloneCert $oldCert

#consider to delete the old cert

$keyPath = Join-Path -Path $env:ProgramData -ChildPath “\Microsoft\Crypto\RSA\MachineKeys”

$keyName = $newCert.PrivateKey.CspKeyContainerInfo.UniqueKeyContainerName

$keyFullPath = Join-Path -Path $keyPath -ChildPath $keyName

$aclByKey = (Get-Item $keyFullPath).GetAccessControl(‘Access’)

$permission = “EveryOne”,“Read”, “Allow”

$accessRule = New-Object -TypeName System.Security.AccessControl.FileSystemAccessRule -ArgumentList $permission

$aclByKey.SetAccessRule($accessRule)

Set-Acl -Path $keyFullPath -AclObject $aclByKey -ErrorAction Stop

foreach($configFile in $ConfigFiles)

{

(Get-Content -Path $configFile).Replace($oldCert.Thumbprint,$newCert.Thumbprint) | Set-Content $configFile

}

}

}

Update-Thumberprint

iisreset

Restart-Service “DynamicsAxBatch”

Please copy all the script and run in powershell via administrator previligge.

Each time you run this script, it will create a new set of certificates. So do not repeat it.

Hope it helps.

The post Renew Dynamics 365 for Finance and Operations Certificate on Dev Machine appeared first on Dynamics 365 Blog.


This was originally posted here.

Comments

*This post is locked for comments