Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Dynamics 365 Community / Forums / Business Central forum / Connecting to BC on-pr...
Business Central forum

Connecting to BC on-prem with Android / iOS app (self-signed certificate)

(0) ShareShare
ReportReport
Posted on by Chris Greenwood 60

I am trying to connect to a BC on-prem system using the Business Central Android / iOS app. The certificate is self-signed - I followed the instructions described here: How to get Microsoft Dynamics NAV for tablets to connect using a self-signed certificate.

However, I am getting the error message "Server connection timeout occurred."

I am able to connect using a browser rather than the app. And I've previously used the same phone to connect to NAV systems using the NAV Android app and a self-signed certificate.

So my question is, does the BC app not allow connections using self-signed certificates?

Thank you in advance for any suggestions.

Chris

Categories:
Web and mobile experience
Other
  • Chris Greenwood Profile Picture
    Chris Greenwood 60 on at
    RE: Connecting to BC on-prem with Android / iOS app (self-signed certificate)

    Hi Carles,

    Unfortunately I never managed to get it working with a self-signed certificate. At the time I didn't look into it much further since I was only testing for my own purposes, not a customer's.

    Anyway having just tried again, I noticed that after installing the certificate on my Android phone, it appears in "User Credential" rather than "Trusted Credentials\User". I understand that the certificate needs to appear in "Trusted Credentials", so I my guess is that this is the reason for the problem.

    App developers can opt to trust a custom CA by including it in their app's configuration file. See:

    developer.android.com/.../security-config

    stackoverflow.com/.../list-certificate-stored-in-user-credentials

    But I could not find a way for a user of an existing app to do the same thing. My phone has some old self-signed certificates in "Trusted Credentials\User" but I am not sure how I installed them there.

    I wonder if your case is the same?

    Regards,

    Chris

  • CarlesVazquez Profile Picture
    CarlesVazquez 5 on at
    RE: Connecting to BC on-prem with Android / iOS app (self-signed certificate)

    Hi Chris, I'm in the same case. Did you manage to fix it?

    Regards,

    Carles

  • rsharma Profile Picture
    rsharma 10 on at
    RE: Connecting to BC on-prem with Android / iOS app (self-signed certificate)

    Hi Have you managed to log in  the phone client with self signed certificate

  • Viki NTS Profile Picture
    Viki NTS 250 on at
    RE: Connecting to BC on-prem with Android / iOS app (self-signed certificate)

    Hi,

    please check the certificate which you installed is right one.

    i too had this problem, i just deleted installed certificate from my Phone also searched and  deleted certificate .cer file from android phone and tried again it worked for me.

  • Chris Greenwood Profile Picture
    Chris Greenwood 60 on at
    RE: Connecting to BC on-prem with Android / iOS app (self-signed certificate)

    Hi Vigneswaran,

    Thanks for your help.
    My certificate indeed was missing the Subject Alternative Name, so I created a new certificate as you described and confirmed that it did include SAN (DNS Name=certauth.fs.<my domain name>). But unfortunately, when I tried to connect with the Android app, I got the same error as before.
    I will have to do some further experimentation/investigation. I wish the app would show a more detailed error message instead of the catch-all of "connection timed out" !

    Regards,
    Chris

  • Suggested answer
    Viki NTS Profile Picture
    Viki NTS 250 on at
    RE: Connecting to BC on-prem with Android / iOS app (self-signed certificate)

    Hi Chris,

    this might be because of the SAN (Subject Alternative Name) in your Certificate

    There is a change in Command for Generating the Self Signed Certificate, use below command to create New Self Signed Certificate and use it for Connecting Mobile / Tablet Client

    New-SelfSignedCertificateEx -Subject ‘CN=<IP/Domain>’ -IsCA $true -Exportable -StoreLocation LocalMachine -SubjectAlternativeName certauth.fs.<IP/Domain>, <IP/Domain>

    More Info : cetastech.com/.../certificate-changes-for-your-nav-mobile-client

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

November Spotlight Star - Khushbu Rajvi

Congratulations to a top community star!

Forum Structure Changes Coming on 11/8!

In our never-ending quest to help the Dynamics 365 Community members get answers faster …

Dynamics 365 Community Platform update – Oct 28

Welcome to the next edition of the Community Platform Update. This is a status …

Leaderboard

#1
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 291,269 Super User 2024 Season 2

#2
Martin Dráb Profile Picture

Martin Dráb 230,198 Most Valuable Professional

#3
nmaenpaa Profile Picture

nmaenpaa 101,156

Leaderboard

Featured topics

Product updates

Dynamics 365 release plans