Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Dynamics 365 Community / Forums / Business Central forum / Email from BC - The op...
Business Central forum
Unanswered

Email from BC - The operation was aborted to prevent exposing a secret value.

(4) ShareShare
ReportReport
Posted on by FW-22101011-0 11
Hi, all,
 
I am hoping someone may be able to shed some light on an issue we are facing.
We are currently migrating from NAV 2017 to Business Central 2024 Wave 1 on prem.
 
Our current configuration is as follows:
- Webserver is in our DMZ, NAT through to the web services from Entra ID IP ranges as specified by Microsoft in following location: https://www.microsoft.com/en-us/download/details.aspx?id=56519
- BC server and SQL instance on same server on our LAN
- Firewall rules to permit traffic for client and web services from DMZ to LAN, and WAN (Entra ID IP ranges) to DMZ. 
- Permissions for the API have been configured according to the following: 
    - Graph/User.Read Delegated
    - Graph/Mail.ReadWrite Delegated
    - Graph/Mail.ReadWrite Delegated
    - Graph/Mail.Send Delegated
    - Graph/offline_access Delegated
    - Graph/Mail.Send.Shared Delegated
- Client services using SSL
- Public SSL cert for web server
- Self-signed SSL for BC server for client services, authority trusted by web server in DMZ.
 
 
We are currently able to sign in to Business Central using Entra ID successfully, and used the guides located at https://learn.microsoft.com/en-us/dynamics365/business-central/dev-itpro/administration/configure-web-server
 
The Problem
The issue we are facing, is that whenever we attempt to send an email or even access the page "Email Microsoft Entra application registration" we get the error: The operation was aborted to prevent exposing a secret value.
There is very little information on this error online, and I'm not sure where to start. 
 
I have attached the error in BC, as well as the Windows Event log.
 
 
 
 
Categories:
Other
Picture1.png
Screenshot 2024-1...
  • CU28101530-0 Profile Picture
    CU28101530-0 on at
    Email from BC - The operation was aborted to prevent exposing a secret value.
    Hi,
     
    Unfortunately, I run into the same issue when upgrading Onprem BC23 to BC24. I haven't changed anything and suddenly it stopped working. Microsoft, what has changed suddenly?? Seems this is a bug or something in BC24 to me...
     
    I hope someone got an answer for us...
  • FW-22101011-0 Profile Picture
    FW-22101011-0 11 on at
    Email from BC - The operation was aborted to prevent exposing a secret value.
    Khushbu - Thank you for your response, 
    For some further information, we have a verified trust to our local CA from the webserver in the DMZ.
    In my original post, I mentioned the permissions which have been configured for the email application.
     
    All services such as SOAP, OData, Management and Client services are running via SSL from the BC server.
     
    I have managed to now grant the permissions to the Outlook REST API via Entra Applications in Business Central and it seems happy with this, however I am still unable to send emails or reach the page "Email Microsoft Entra application registration" as I continue to get the error "The operation was aborted to prevent exposing a secret value.".
     
    It is worth mentioning the following:
    - We are authenticating with Entra ID via App ID and Secret, rather than the app certificate.
    - The following URLs are configured: PublicODataBaseUrl, PublicSOAPBaseURL and PublicWebBaseURL are configured to the FQDN of the WEB server in the DMZ. The ports for SOAP and OData are not currently being NAT'ed through our firewall.
     
    Could either of these (mis) configurations cause an issue with what we are trying to achieve?
     
    Thanks in advance. 
     
  • Khushbu Rajvi. Profile Picture
    Khushbu Rajvi. 3,316 on at
    Email from BC - The operation was aborted to prevent exposing a secret value.
    verify that your Microsoft Entra application registration has the correct permissions, including Graph API permissions like Mail.Send and Mail.Send.Shared, with admin consent granted. Additionally, check that the redirect URIs in the application registration match those used in Business Central, and ensure your SSL configuration is correct, with the self-signed certificate trusted by the web server in the DMZ.
     

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Replay: Dynamics 365 Community Call ERP Edition | October 9, 2024

Another great gathering of our Community!

Anton Venter – Community Spotlight

Kudos to our October Community Star of the month!

Announcing Our 2024 Season 2 Super Users!

A new season of Super Users has arrived, and we are so grateful for the daily…

More Community News

Leaderboard

#1
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 290,665 Super User 2024 Season 2

#2
Martin Dráb Profile Picture

Martin Dráb 228,971 Most Valuable Professional

#3
nmaenpaa Profile Picture

nmaenpaa 101,150

Leaderboard

Featured topics

Product updates

Dynamics 365 release plans