When trying to activate a new device for MPOS working on version R3 CU9 (but I guess this applies to CU8 as well), one of the error you will get in the UI is the DA2003 which can translate in the Windows Events as System.ServiceModel.Security.SecurityNegotiationException:
The X.509 certificate CN=YourCN chain building failed. The
certificate that was used has a trust chain that cannot be verified.
Replace the certificate or change the certificateValidationMode. The
revocation function was unable to check revocation for the certificate.
The fix is simple enough and I already blogged about this at http://axfaq.blogspot.ro/2015/09/generate-certificates-with-crl-for.html .
This will generate a certificate with a CRL, so that the check above is successful. I have played a little bit initially with setting the certificateValidationMode in the web configs of the different components involved in the process, but with no success following that path, so, generating proper certificates was the right way.
The error is thrown from the following place: CommerceRuntimeException was thrown.Microsoft.Dynamics.Commerce.Runtime.UserAuthenticationException: An error occurred during logon. ---> Microsoft.Dynamics.Commerce.Runtime.CommunicationException: Exception while calling invoke method RetailServerStaffLogOn: The X.509 certificate CN=YourCN chain building failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. The revocation function was unable to check revocation for the certificate.
No comments:
Post a Comment