Hi all,

I don't usually post on here, however we have renewed a self-signed cert on our Dynamics Application Server and are attempting to run the CertificateReconfiguration script with the export of the updated certificate and are running into issues - using an ON-PREM solution. We get the below as an output in powershell:

------------------------------------------------------------------------------------------------------------------------

Set-CrmCertificate : The remote server returned an error: (400) Bad Request.
At C:\Program Files\Microsoft Dynamics CRM\tools\CertificateReconfiguration.ps1:198 char:3
+         Set-CrmCertificate -CertificateType $certificateType -DataFile $script:tempPub ...
+    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (Microsoft.Crm.P...rtificateCmdlet:SetCrmCertificateCmdlet) [Set-CrmCer
   tificate], WebException
    + FullyQualifiedErrorId : CRM Deployment Cmdlet Error,Microsoft.Crm.PowerShell.SetCrmCertificateCmdlet

[11/14/2019 14:56:38]  The remote server returned an error: (400) Bad Request.
[11/14/2019 14:56:38]  Fail to configure Microsoft Dynamics CRM to use the specifed certificate.

------------------------------------------------------------------------------------------------------------------------

Is this meant to update the certificate in the db.Certificates table (designated as the S2STokenIssuer?  Have tried to find something on the internet for best guidance on changing the Certificate in MMC, then updating SharePoint integration - any ideas will be welcome.

We have removed the old certificate after creation of the new certificate, then we have attempted to run the integration script - we understood that this was meant to:

------------------------------------------------------------------------------------------------------------------------

1. Installs the certificate to the certificate store on the server

# 2. Grants the specified account access to the certificate

# 3. If specified updates Microsoft Dynamics CRM Server to use this new certificate,

# use set-crmCertificate to update certificate in ConfigDb

------------------------------------------------------------------------------------------------------------------------

Looking at the ps1 script it seems to indicate this line of code, but we're not really understanding this - if someone is able to advise what this is doing again it would be appreciated:

------------------------------------------------------------------------------------------------------------------------

# Configure CRM to use certificate

       # Check if certitifcate find type is passed

       if ([bool]$storeFindType)

       {

              #if storeFindType is passed as an argument, then StoreName and StoreLocation needs to be passed and these are set to default value

              Set-CrmCertificate -CertificateType $certificateType -DataFile $script:tempPublicCertificate -StoreFindType $storeFindType -StoreName "My" -StoreLocation "LocalMachine"

       }

       else

       {

              Set-CrmCertificate -CertificateType $certificateType -DataFile $script:tempPublicCertificate

       }

       CheckErrorLogAndExit "Fail to configure Microsoft Dynamics CRM to use the specifed certificate."

       Write-Host "Microsoft Dynamics CRM has been configured to use the specified certficate."

       CleanUp

}

------------------------------------------------------------------------------------------------------------------------