Dynamics Community Forum Thread Details

Hello experts,

We are on Dynamics 365 8.2 version. We have 2 front end , 2 back end and 2 Deployment servers. We have DEV, TEST, UAT and PROD environments.

For all these environments there is only one ADFS Server. The OrganizationID is same for all the environments.

We configured Claims and IFD in all the environments and pushed Dynamics 365 App for Outlook.

The OAuthSettings are enabled and added all the environments IFD URLS as AdfsClients. Everything was working fine until one day the security guys just updated SSL certificates on the CRM front end Load Balancer and the 2 CRM Front end servers.

Users can access CRM and everything works fine but "Dynamics 365 App for Outlook" now fails to Connect ALL the Environetments(DEV,TEST,UAT and PROD). The SSL certificate was replaced with the old Certificate now. But we still make the Dynamics 365 App for Outlook work in All the environments.

There was no change on the ADFS side but all environments Dynamics 365 App for Outlook fails with the following Error.

We're sorry

Something went wrong during sign-in. Please try again. If the problem persists, contact your system administrator.

Help me resolve this issue

Show less

Activity ID: b32e9732-7865-1f21-1158-648bf4cda997 Date: Wed, 04 Apr 2018 06:21:00 GMT Error: OnPremAuthenticationManager: State mismatch Trace: Error at ClientError (https://dynamics-x-test.xxxx/CrmMailApp/shim.js:1837:25) at tokenCallback (https://dynamics-x-test.xxxx/CrmMailApp/shim.js:630:33)

Code from shim.js shows

OnPremAuthenticationManager.prototype.retrieveTokenInternal = function (isSignOutNeeded) {
                var _this = this;
                if (this.accessToken && !isSignOutNeeded) {
                    this.tokenDeferred.resolve(this.accessToken);
                    return;
                }
                this.discoverEndpointAndResource().then(function (results) {
                    var authorizationUri = results[0];
                    var resourceId = results[1] || _this.orgUrl;
                    var authFrame = document.getElementById('authFrame');
                    Mscrm.Utilities.generateKey().then(function (stateKey) {
                        var tokenCallback = function (error, token, expiry, key) {
                            if (stateKey == key) {
                                _this.onTokenReady(token, resourceId, expiry);
                            }
                            else {
                                var internalError = "OnPremAuthenticationManager: State mismatch";
                                Mscrm.Boot.ErrorManager.handleError(new Mscrm.Boot.ClientError(internalError, Mscrm.Boot.ClientError.SignInErrorCode), internalError);
                            }
                        };

Fiddler trace show request

Then we have the error

As I said everything was working fine except the SSL on the PROD Front end servers and Load Balancer was replaced but now they have put the SSL certificate back to the old one but Dynamics 365 App for Outlook is still failing.

I have looked at the - https://community.dynamics.com/crm/f/117/t/70374 about how to renew the SSL certificate. But its too late for that.

Appreciate your help and direction in this.

Regards,

Danl.

Community site session details

Issue with Dynamics 365 App for Outlook after replacing/Renewing SSL certificate on the Load Balencer and CRM From end servers

Helpful resources

Quick Links

🌸 Community Spring Festival 2025 Challenge Winners! 🌸

Adis Hodzic – Community Spotlight

Kudos to the April Top 10 Community Stars!

Leaderboard > Microsoft Dynamics CRM (Archived)

Featured topics

Product updates