Hello again GP Community!

 

This information is for our customers that are on the Silverlight-based Web Client with GP 2013 and GP 2015. The Trusted Mode of the Silverlight application requires the presence of a signing certificate, which needs to be periodically refreshed. This will be the last certificate refresh for Dynamics GP 2013, since Mainstream Support for Dynamics GP 2013 is ending on 4/10/2018.

 

The recent updates for GP 2013 and GP 2015 Web Components contains the new GPTrustedApp.MSI. I've included these files in this blog post as well.

 

The technical aspects of this blog have been covered in the following blog post. I’ll be referencing some concepts from this post.

https://blogs.msdn.microsoft.com/developingfordynamicsgp/2012/09/18/microsoft-dynamics-gp-web-client-and-silverlight-security-requirements/

 

If the Web Client session cannot verify the presence of a valid Signing Certificate, the GPTrustedApp will continually show as “not installed”.

  

To troubleshoot this issue, first make sure that you are running the most recent Web Components. This issue can also occur if the Web Components currently installed is creating all new sessions where the XAP file is pointed to the old signing certificate. I was able to get around these issues by making sure all Web Components were updated. Since my original install was done using older RTM code, I had to reinstall using fresh bits and the issues went away.

https://mbs.microsoft.com/customersource/northamerica/gp/downloads/mdgp2013_webclientservicepackshotfixes

https://mbs.microsoft.com/customersource/northamerica/GP/downloads/service-packs/MDGP2015_WebClientServicePacksHotfixes#Downloads

 

After updating, you may receive the following error when accessing Web Client:

“Endpoint not found.”

 

The resolution is to make the following change to your SessionService.config file. The highlighted line will appear as value=”true”, change this to value=“false” as shown below, save the file, and restart the service.

 

The other thing I come across occasionally is that the TrustedApp.MSI doesn’t lay down the certs. If the issue of continuously being prompted to install the GPTrustedApp.msi persists to this point, then use the previously linked blog post to dig into the Silverlight XAP file in ClientBin to see exactly what certificate is being used for signing. You may need to look at the properties of the XAP file and manually install the certificate to the Trusted Publishers store of the local machine.

The following file contains the GPTrustedApp.msi for both GP 2013 and GP 2015. You can use this file to get the updated certificate, using the methods highlighted here and detailed in the previously linked blog.

GPTrustedAppMSI.zip