You’re offline. This is a read only version of the page.
Hi all,
I have a problem where the system checks window is returning a red cross in the Federation metadata URL after renewing the wildcard certs.
Some details:
CRM and ADFS are on two separate servers and includes an ADFS Proxy in the DMZ.
Everything was working fine until we changed the certificates, after the new certificates were installed to all three servers
1. Server 2008 R2 - CRM 2011 – UR18
2. Server 2008 R2 - ADFS
3. Server 2008 R2 - ADFS Proxy
All service accounts were again granted read privileges on the new certs crm apppool, adsf service account on both the proxy and ADFS.
When running through the CRM deployment manager and configuring claims based authentication, the system checks returned a red x under Federation metadata URL with a description - The federation metadata URL "https://"adfs.domainname"/federationmetadata/2007-06/federationmetadata.xml". I then pasted this URL into IE and can browse to the ADFS instance with no certificate errors.
All DNS entries resolve correctly and I can browse to CRM via the local host.
Any assistance would be appreciated.
*This post is locked for comments
Thanks!!!!! I've been stuck on this problema for hours until I read your post.
One more thing to look which I found out after hardening the server:
While ADFS and CRM work fine if you disable TLSv1, you will not be able to update/pass check on the federation metadata.
In our case, I deployed everything, then harden it. No problems there. However, when it came time to renew the certificates, I could not get the wizard to go through (it could not read the federationmetadata.xml).
So, you can use a tool like IISCrypto to re-enable temporary TLSv1, get your cert renewed, and then disable it.
Hi MarkGi,
if you are facing same issue like Mark, make sure after replacing the Certificates on ADFS and ADFS Proxy sever set those certificates as a Primary and restarted ADFS services and IIS on both the servers.
for more details please refer below URL.
community.dynamics.com/.../356722
Thank you !
Unfortunately we could not resolve this issues and performed a re-install of CRM, not the news you would like to hear...
Hi V.B.
we experience the same problem.
what did you do to resolve the problem?
thanks in advance for your answer
Hi Mark,
we have the same issue.
can you tell me what you did to resolve this issue?
thanks in advance
I've been having the exact same problem since yesterday.
Haven't found a solution yet.
#1
Mohamed Amine Mahmoudi
83
Super User 2025 Season 1
#2
Community Member
54
#3
Victor Onyebuchi
6
Share
Report
All responses (
Answers (
