Certificate is invalid

8 posts, 0 answers
  1. David
    David avatar
    3 posts
    Member since:
    Apr 2018

    Posted 25 Apr 2018 Link to this post

    We are attempting to use Fiddler as a proxy to capture traffic being sent from Microsoft Dynamics NAV to SharePoint via a plugin we have written for NAV. 

    I have added the below to    "C:\Program Files\Microsoft Dynamics NAV\90\Service\Microsoft.Dynamics.Nav.Server.exe.config"

     

    <defaultProxy>
          <proxy autoDetect="false" bypassonlocal="false" proxyaddress="http://127.0.0.1:8888" usesystemdefault="false" />
     </defaultProxy

     

    When our plugin (DC.SharePoint.ComWrapper) attempts to connect to SharePoint via Fiddler we receive the below error.

     

    Microsoft Dynamics NAV
    ---------------------------

    A call to DC.SharePoint.ComWrapper.ListItemWrapper.Create failed with this message: The remote certificate is invalid according to the validation procedure.
    ---------------------------
    OK
    ---------------------------

    Does anyone have any suggestions as to what I could be missing? The NAV service runs as a domain user, which has the Fiddler root certificate in it's trusted root certification authorities store.  I have also tried putting it in the local computers store and running the service in the Network Service account.

    The only thing I have noticed, is in the Raw capture, there is a line saying:

    "Time": 26/09/2021 02:52:10

    The date and time specifieid changes to seemingly random date around 50 years either side of the date today. However I am not sure if that is being used to validate the certificate?

    Any help would be greatly appreciated.

  2. Alexander
    Admin
    Alexander avatar
    383 posts

    Posted 10 May 2018 Link to this post

    Hi,

    The "Time" field is pseudo-random and should not be related to your problem.

    If you let the application use the system proxy settings (instead of setting it explicitly) is the result the same? If yes, I would suggest to try using different certificate generator. It is called CertMaker and you can download it from here - https://www.telerik.com/fiddler/add-ons.

    Regards,
    Alexander
    Progress Telerik
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
  3. David
    David avatar
    3 posts
    Member since:
    Apr 2018

    Posted 11 May 2018 in reply to Alexander Link to this post

    Hi Alexander,
    Thanks for your reply.  I have:
    Installed certmaker
    Restarted Fiddler
    Deleted and reinstalled the fiddler root certificate in the trusted root certificates of the local machine store and the current user store.
    Removed the proxy address from the Microsoft.Dynamics.Nav.Server.exe.config.  (I found this was only necessary when the service was running as Network Service).
    Restarted the Dynamics NAV service running as a normal user (called dcadmin).

    But I still get the same error.

    I can browser to https://www.google.co.uk in IE running as dcadmin and see that the fiddler root certificate is trusted, but it is not trusted by the dynamics nav process, also running as dcadmin.


  4. Alexander
    Admin
    Alexander avatar
    383 posts

    Posted 16 May 2018 Link to this post

    Hello,

    It sounds like this application you are trying to use is not using the certificate store built-in in Windows. This is really strange since it is Microsoft product.

    Did you restarted this software after adding the certificate to the store (I would suggest system restart if possible)? It is very long shot, but it's worth trying.

    Regards,
    Alexander
    Progress Telerik
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
  5. Christian
    Christian avatar
    2 posts
    Member since:
    Jul 2020

    Posted 22 Jul in reply to David Link to this post

    Did you ever find out what the problem was? We are trying something similar but cannot get the Fiddler Cert to work.

    Best regards

  6. David
    David avatar
    3 posts
    Member since:
    Apr 2018

    Posted 22 Jul in reply to Christian Link to this post

    Hi, I'm afraid not. I'd still be interested to know fix as we never managed to fix the problem we were trying to investigate with Fiddler.
  7. Christian
    Christian avatar
    2 posts
    Member since:
    Jul 2020

    Posted 22 Jul in reply to David Link to this post

    Maybe Alexander has any new insights? Because it really would be weird if NAV/Business Central did not use the built in Certificate Store. Because I am pretty sure, that at least for the Certificate that the NST uses for encrypting the traffic between itself  and the Database (and also for the ODATA/SOAP Enpoints if enabled) that it uses the Certs in the Certificate Store (and this fact is also explained in detail in the Microsoft Docs).

    Where else could NAV look for the Certs anyway? Maybe Alexander could explain what he meant, so I could look for that other place :)

  8. Nick Iliev
    Admin
    Nick Iliev avatar
    433 posts

    Posted 23 Jul Link to this post

    Hi Christian,

     

    Can you clarify some details about your specific case - are you receiving the very same error, have you tried using the system proxy as Alex suggested (for your client), are you receiving the difference in the Time field as David has shown?

     

    Regards,
    Nick Iliev
    Progress Telerik

Back to Top