Hi everyone,
I've inherited an old MSCRM implementation at a new job that has not been working for some time. I suspect that it's an issue with an expired certificate, that was used for ADFS. However, having replaced that certificate I'm still getting errors. This is the error we get when trying to browse to the URL of Dynamics:
Server Error in '/' Application.
--------------------------------------------------------------------------------
Relying Party Certificate was not found.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: Microsoft.Crm.CrmSecurityException: Relying Party Certificate was not found.
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
Stack Trace:
[CrmSecurityException: Relying Party Certificate was not found.]
Microsoft.Crm.Authentication.Claims.ClaimsUtility.GetServiceConfiguration() 1737
Microsoft.Crm.Authentication.Claims.CrmFederatedAuthenticationModule.SetDefaults() 719
System.Web.HttpApplication.InitModulesCommon() 202
System.Web.HttpApplication.InitInternal(HttpContext context, HttpApplicationState state, MethodInfo[] handlers) 1089
System.Web.HttpApplicationFactory.GetNormalApplicationInstance(HttpContext context) 232
System.Web.HttpRuntime.ProcessRequestInternal(HttpWorkerRequest wr) 426
--------------------------------------------------------------------------------
Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.8.4110.0
In IIS, having browsed to the Dynamics site, as well as the default site, the bindings look correct and associate :443/https with the correct cert. No matter what cert, or combination of certs that I use, produce the same error.
When I look in "AD FS 2.0" manager, I browse down to "Trust relationships -> relying party trusts" and I see 2 entries. Both show as having red x's next to them. So obviously this seems like a problem area, but I'm not sure what to do, as I am quite novice when it comes to Dynamics and ADFS as a whole. When right clicking, I get the option to "Update from federation Metadata", but am given the error in the image below. I do have the option to add/create a new Relying Part Trust, but I do not know how to associate this with the dynamics page. Specifically I don't know what to use for the "Federation metadata address (host name or URL). Our URL to access crm is "crm.domain.com" with the main landing page being "crm.domain.com/main.aspx".
Any information here would be helpful.
Thank you
