Changing the certificate used for Channel database sync in AX 2012 Retail

I have been trying the past couple of bays to get retail up and running on the Microsoft Dynamics AX 2012 R3 demo environment. There are some issues in the default environment that needs to be fixed before everything is running flawlessly.

One issue I noticed was that the SSL certificate used between the async client and async server has expired (in 2015 Smile ).

           image

To fix this we first need to request and issue a new certificate. Since the CA in the Demo is a stand-alone CA we cannot use the MMC to request the certificate, so I am using the web interface. Start Internet Explorer and browse to the address https://localhost/certsrv (since the certificate for the site is not issued to localhost there will be an error… ignore this).

           image

Select Request a certificate

           image

Select advanced certificate request

           image

Select create and submit a request to this CA

           image

Click Yes to continue

          image

Fill in the name of the certificate. In our case the adress is retail.contoso.com, the other fields are not mandatory. Select Server Authentication Certificate and check  Mark keys as exportable. Click Submit.

           image

Note the id of the request and start the Certificate Authority mmc Management Console

           image

Find the request above under Pending Request. Right-click and select the task Issue

           image

Go back to https://localhost/certsrv and click View the status of a pending certificate request. Click your request.

           image

Click Yes to continue.

          image

Click the Install this certificate. Unfortunately the certificate will be installed in you personal Certificate Store and you will have to move it before IIS can use it.

          image

Start the management Console and add the Certificates snap-in for Current User and for Local Computer. Go to Current User – Personal – Certificates and find your new certificate

          image

Right click the certificate and select Export

            image

Select Yes, export the private key

           image

Check Export all extended properties and click next

           image

Enter a password and click next

          image

In the console on Local Computer – Personal – Certificates right click and import the Certificate you exported previously

          image     image

In IIS Manager edit Binding for the sites AsyncServerSite and Retail Server Website and change the certificate for HTTPS. Restart the IIS sites.

That is all

/Johan

Leave a Reply