Skip to main content
Dynamics 365 Community / Forums / Finance forum / LCS Rotating secrets n...
Finance forum
Answered

LCS Rotating secrets not working

editSubscribe (0) ShareShare
ReportReport
Posted on by 14
We have not used the environment in some time, and our SSL cert has expired. In LCS I have been trying to /rotate secrets/ however after running for some time this results in /incomplete/.
I have logged into the VM using the username / password on the LCS environment details page - and windows warned me the users password had expired and needed changing. I updated the user account and set password not to expire, and kept it the same as the LCS environment page. I tried to rotate secrets again - same problem /incomplete/.
In the environment history there is no mentiong of even the attept of rotating secrets - its like nothing happens from the LCS environment history tab perspective.
 
How can I remedy this?
 
In addition - there are update packages to apply via LCS but these fail to. I was suspecting that the secret needed to be rotated first as perhaps the expired SSL cert causes the update attempt to fail.
Attachments
  • Suggested answer
    Navneeth Nagrajan Profile Picture
    Navneeth Nagrajan 1,168 on at
    LCS Rotating secrets not working
    HI,
     
    Another suggestion is in case, if the Rotate Secret SSL is not working the first time then you need to first do the following to make the Rotate secrets work.
    1. Rotate Dynamics Deployment certificate 
    2. Rotate Monitoring agent certificate
     
    Once the above mentioned certificates work then you can do a Rotate SSL certificate 
     
  • Andre Arnaud de Calavon Profile Picture
    Andre Arnaud de Cal... 283,080 Super User on at
    LCS Rotating secrets not working
    Thanks for providing your solution for the community, Darrell. I have marked your reply as a verified answer. 
  • Verified answer
    Darrell Tunnell Profile Picture
    Darrell Tunnell 14 on at
    LCS Rotating secrets not working
    Figured out the issue in the end
     
    Rotate secrets will fail if the WinRM ssl cert on the machine expires. Issue / fix described here https://cloudblogs.microsoft.com/dynamics365/it/2018/05/02/how-to-update-the-winrm-ssl-certificate-on-environments-deployed-in-your-subscription/
     
    Once I worked through this (the procedure itself had some issues I needed to workaround tsssk) then I was finally able to rotate secrets.
  • Andre Arnaud de Calavon Profile Picture
    Andre Arnaud de Cal... 283,080 Super User on at
    LCS Rotating secrets not working
    Hi Darrell,
     
    When rotating the secrets, the VM should be running. I thought it is trying to use the credentials from the LCS environment page. In case you changed the password (maybe you didn't), the rotating secrets can't be executed then.
    Have you checked if all licenses are still valid? The VM comes with time-limited evaluation software. Maybe the Windows license and/or SQL got expired?
     
    Anyway, if you deploy a new environment everything should work smoothly again.

Helpful resources

Quick Links

What Motivates a Super User?

We know many of you visit the Dynamics 365 Community and Power Platform…

Demystifying Copilot with Georg Glantschnig…

Industry experts answer burning questions directly from our amazing Community…

Setting Up Knowledge Sources for Copilot…

Look at how configuring a comprehensive knowledge base is crucial…

Leaderboard

#1
Andre Arnaud de Calavon Profile Picture

Andre Arnaud de Cal... 283,080 Super User

#2
Martin Dráb Profile Picture

Martin Dráb 222,601 Super User

#3
nmaenpaa Profile Picture

nmaenpaa 101,138

Featured topics

Product updates

Dynamics 365 release plans