This is a migrated thread and some comments may be shown as answers.

Certificate is invalid

7 Answers 259 Views
Windows
This is a migrated thread and some comments may be shown as answers.
David
Top achievements
Rank 1
David asked on 25 Apr 2018, 10:43 AM

We are attempting to use Fiddler as a proxy to capture traffic being sent from Microsoft Dynamics NAV to SharePoint via a plugin we have written for NAV. 

I have added the below to    "C:\Program Files\Microsoft Dynamics NAV\90\Service\Microsoft.Dynamics.Nav.Server.exe.config"

 

<defaultProxy>
      <proxy autoDetect="false" bypassonlocal="false" proxyaddress="http://127.0.0.1:8888" usesystemdefault="false" />
 </defaultProxy

 

When our plugin (DC.SharePoint.ComWrapper) attempts to connect to SharePoint via Fiddler we receive the below error.

 

Microsoft Dynamics NAV
---------------------------

A call to DC.SharePoint.ComWrapper.ListItemWrapper.Create failed with this message: The remote certificate is invalid according to the validation procedure.
---------------------------
OK
---------------------------

Does anyone have any suggestions as to what I could be missing? The NAV service runs as a domain user, which has the Fiddler root certificate in it's trusted root certification authorities store.  I have also tried putting it in the local computers store and running the service in the Network Service account.

The only thing I have noticed, is in the Raw capture, there is a line saying:

"Time": 26/09/2021 02:52:10

The date and time specifieid changes to seemingly random date around 50 years either side of the date today. However I am not sure if that is being used to validate the certificate?

Any help would be greatly appreciated.

7 Answers, 1 is accepted

Sort by
0
Alexander
Telerik team
answered on 10 May 2018, 01:30 PM
Hi,

The "Time" field is pseudo-random and should not be related to your problem.

If you let the application use the system proxy settings (instead of setting it explicitly) is the result the same? If yes, I would suggest to try using different certificate generator. It is called CertMaker and you can download it from here - https://www.telerik.com/fiddler/add-ons.

Regards,
Alexander
Progress Telerik
Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
0
David
Top achievements
Rank 1
answered on 11 May 2018, 02:38 PM

Hi Alexander,
Thanks for your reply.  I have:
Installed certmaker
Restarted Fiddler
Deleted and reinstalled the fiddler root certificate in the trusted root certificates of the local machine store and the current user store.
Removed the proxy address from the Microsoft.Dynamics.Nav.Server.exe.config.  (I found this was only necessary when the service was running as Network Service).
Restarted the Dynamics NAV service running as a normal user (called dcadmin).

But I still get the same error.

I can browser to https://www.google.co.uk in IE running as dcadmin and see that the fiddler root certificate is trusted, but it is not trusted by the dynamics nav process, also running as dcadmin.


0
Alexander
Telerik team
answered on 16 May 2018, 03:49 PM
Hello,

It sounds like this application you are trying to use is not using the certificate store built-in in Windows. This is really strange since it is Microsoft product.

Did you restarted this software after adding the certificate to the store (I would suggest system restart if possible)? It is very long shot, but it's worth trying.

Regards,
Alexander
Progress Telerik
Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
0
Christian
Top achievements
Rank 1
answered on 22 Jul 2020, 11:57 AM

Did you ever find out what the problem was? We are trying something similar but cannot get the Fiddler Cert to work.

Best regards

0
David
Top achievements
Rank 1
answered on 22 Jul 2020, 12:38 PM
Hi, I'm afraid not. I'd still be interested to know fix as we never managed to fix the problem we were trying to investigate with Fiddler.
0
Christian
Top achievements
Rank 1
answered on 22 Jul 2020, 12:50 PM

Maybe Alexander has any new insights? Because it really would be weird if NAV/Business Central did not use the built in Certificate Store. Because I am pretty sure, that at least for the Certificate that the NST uses for encrypting the traffic between itself  and the Database (and also for the ODATA/SOAP Enpoints if enabled) that it uses the Certs in the Certificate Store (and this fact is also explained in detail in the Microsoft Docs).

Where else could NAV look for the Certs anyway? Maybe Alexander could explain what he meant, so I could look for that other place :)

0
Nick Iliev
Telerik team
answered on 23 Jul 2020, 06:51 AM

Hi Christian,

 

Can you clarify some details about your specific case - are you receiving the very same error, have you tried using the system proxy as Alex suggested (for your client), are you receiving the difference in the Time field as David has shown?

 

Regards,
Nick Iliev
Progress Telerik

Tags
Windows
Asked by
David
Top achievements
Rank 1
Answers by
Alexander
Telerik team
David
Top achievements
Rank 1
Christian
Top achievements
Rank 1
Nick Iliev
Telerik team
Share this question
or