6:00 AM
El DiPablo
I periodically find myself blogging about Microsoft Dynamics products. Mainly because they are a pain in the ass, and fixing problems tends to yield decent blog articles...
Anyway, the other day I was faced with an issue. We use Dynamics Management Reporter 2012 at my day job, and it rarely gets used. Because of that, certain issues like an SSL certificate expiring easily gets overlooked until someone goes to use it and you find out a certificate has expired and you neglected to replace it!
Well, that happened to me when our Accounting Director went to use it and received the below error when trying to connect to our Management Reporter server:
Management Reporter
The server presented a certificate that could not be validated. Verify the certificate has been installed and is configured as a trusted root certificate on the client. Contact your administrator for help with certificate configuration.I Googled around a bit and only found articles about changing the certificate in IIS. The issue is, we don't use IIS with Management Reporter in our environment. I did find a solution though, using netsh via the command line!
Before you do anything else, install your new SSL certificate in your local computer's certificate store like you normally would. Google how to do that if you don't already know how.
Next, find out how binding is currently configured by running the following:
netsh http show sslcertYou will get something like this:
Next you want to delete that binding by running the following:
netsh http delete sslcert hostname=hostname:4713Be sure to replace hostname and port above with the information provided from the first command.
Now, we want to bind your new certificate. First you will need the thumbprint from your new certificate. You can find that by looking at your certificate's details tab, and scrolling to the bottom to see the thumbprint. Copy that information to notepad and remove the spaces.
Now you are ready to bind the new certificate by running the following:
netsh http add sslcert hostnameport=hostname:4713 certhash=<your certificates thumbprint> appid=<Your Application's ID> certstorename=MYBe sure to replace the hostname with the hostname from the first command above, use your new certificate's thumbprint without spaces, and use your application's ID from the first command above.
After that, not sure if you have to, but I restarted the Management Reporter services and everything worked fine.
If you know of an easier way to do this, I'm all ears. This worked for me though. If this helped you too, let us know in the comments!
