Friday 13 July 2018

How to fix certificate expiry in D365

In this blog we will discuss how we can fix the validity of the expired certificates or nearly expired certificates. As far as I know there is no way to extend the validity of such certificates. So in this blog I will discuss the workaround which is creating the certificate clones with new expiry dates.



Step 1:
Certificates get accessed by their thumbprint which is a 40-digit hexadecimal value. You can see it by double-clicking the certificate in the certificates viewer and open the Details tab. We need it to be upper case without blanks and search it in configuration files located in C:\AOSService\webroot.

Files:
1- web.config
2- wif.config
3- wif.services.config

























Step 2:
Clone the cerficate by using powershell command make sure you open powershell as administrator.
Run Command:
Set-Location -Path "cert:\LocalMachine\My"
$OldCert = (Get-ChildItem -Path 43082FE50B4D02562C89EA728B2363C598E84886)
New-SelfSignedCertificate -CloneCert $OldCert -NotAfter (Get-Date).AddMonths(999)


Note: 999 is the number of months the certificate will be valid until. Should be fine for quite some time. The execution of this creates some output thumbprint copy and note the thumbprint of the newly created certificate and replace it in the configuration files mention in Step 1.



Step 3:
Repeat above steps for all the expired certifactes. When you done with the step 1 & 2. Reboot some services (IIS, Batch, SSIS, MR, SQL) on the machine.

That is all you need to do to fix the certificate expiry as shown in image.









Reference links:
Fix Certificate Issues on Development Machines
Rotate the expired or nearly expired certificates on your downloadable VHD

2 comments:

How To: Customize BankPaymentAdviceVendV2 SSRS Report

In D365FO, there are two versions available for bank payment vendor invoices. However, in the latest version, Microsoft has made it mandator...