Dynamics Community Forum Thread Details

Server Side Sync (365 OnPrem <--> Exchange OnLine) private key not found -

I have been trying to get Server Side Sync setup for almost a week now and always running into same error when I run the "CertificateReconfiguration.ps1" script , I get the "Certificate Private Key is not found" error, yet I have verified the key exists, IFD is setup and working, ADFS is setup and working and CRM works fine. I am using a "Legacy Cert" (non-CNG), have ensured that the "NetworkService" account, which is the account that runs the Async process and also same account for the CRMAppPool has Read access to the private key. I can complete the setup and everything else passes, but then when I try and setup the Email profile in CRM, I get a "The certificate used for S2S authentication is not installed... "

I am using a public SSL by GoDaddy, and have re-keyd the cert and re-installed, also using teh DigiCert certificate tool to verify cert is working fine, all indications are that everytghing is fine, yet still getting this error

Any ideas? or help would be appreciated, or if I should be posting in a different group or somewhere else would help.

Thanks

Randall

I have the same issue. Everything is working - internal, IFD, EXCEPT Mail flow in and out of the CRM! Yesterday the CertificateReconfiguration.ps1" script ran smoothly with no errors, but mail still did not come in and some people were unable to access the CRM - i went through all the required steps after renewing a certificate and access for users came right, but mail flow still does not work. Today I go onto the CRM server to re-run the script and try and get mail working again and I get the error - "Certificate key is not found". Does not make sense! I had so many other errors with the other commands in this procedure, especially with WinRM and New-PSSession, but today for the first time i get "Certificate private key is not found". I am logged into the CRM server as the domain administrator.

Can someone confirm please..... the pfx that one installs on ADFS and CRM server is the same certificate one uses for the CertificateRecongigurationscript except that you rename it to "personalcertfile.pfx". Is this correct? I am sure this is how I have done it in the past years and now it will not work! If i go into the certificate personal store and check my wildcard certificate it shows "You have a private key that corresponds to this certificate". If i try and export that certificate though, it says that i cannot export the key as it has been marked as not exportable. Is this an issue?

Please can someone help me to get my mail working again! Another question that i have when running the scripts as per Connect Dynamics 365 (on-premises) to Exchange Online | Microsoft Learn - when it comes to asking for credentials - can one use ANY global administrator account?

Thanks in advance!

Quick Links