NAV 2013 R2 Windows Client & Web Client with NavUserPassword - Installation of Security Certificates.
Hi all,
This is second post in this series. Please make sure that you have read the first post before you start reading this post.
All the post related to this series can be found in Introduction Post.
I hope you would have finished all the steps as discussed in Post 1. Let's Move Ahead.
11. As of now if we check the certificate information we will find that its not trusted.
we now need to install the certificate & revocation list on the computer running Microsoft Dynamics NAV Server.
INSTALL CERTIFICATE -
12. Open Mmc.exe from RUN menu.
13. From File Menu Select Add/Remove Snap-in.
14. From available snap-ins select certificates and click add.
15. Select Computer account, click next and then click finish.
16. From Left hand panel select Trusted Root Certificate Authorities and then select Certificates.
17. Right Click and Select All Tasks and then select Import.
18. Click Next, Locate the file in your folder.
19. Click Next, and Finish. You will find Certificate in the list.
INSTALL REVOCATION LIST -
20. Right Click and Select All Tasks and then select Import.
21. Click Next, Locate the file in your folder (Change the File Extension to .crl).
22. Click Next, and Finish.
23. Select the Trusted Root Certificate Authorities node, and then refresh the snap-in.
24. You will find Recovation List in a new Group.
To create and install a test certificate for the Microsoft Dynamics NAV Server computer -
1. At the command prompt, type the following command:
makecert -sk NAV2013R2 -iv NAV2013R2.pvk -n "CN=NAV2013R2" -ic NAV2013R2.cer -sr localmachine -ss my -sky exchange -pe NAV2013R2.cer
This command specifies the subject’s certificate name as NAV2013R2. You need this certificate name when you configure the Microsoft Dynamics NAV Windows client or Microsoft Dynamics NAV Web Server components.
2. When you are prompted, enter the password that you used to create the root CA.
Grant Access to the certificate’s private key to the service account for Microsoft Dynamics NAV Server -
25. Open Personal and select certificate Folder From Left Menu.
26. Right Click the certificate (in my case certificate name is NAV2013R2),choose All Tasks, and then choose Manage Private Keys.
27. In the Permissions for NavServiceCert private keys dialog box, choose Add.
28. In the Select Users, Computers, Service Accounts, or Groups dialog box, enter the name of the service account that is used by Microsoft Dynamics NAV Server By default, the service account is NETWORK SERVICE. Choose OK when done.
29. In the Permissions for NavServiceCert private keys dialog box, select the account, and then select the Allow check box next to Full Control. Choose OK when done.
30.Double Click the Certificate and goto Details Tab, select Thumbprint. Copy the value of Thumbprint Shown we will require it in next step.
My Thumbprint Value is =a6 fd 3e 7c 9c 82 ef 07 7a 1f 36 73 bc ee 8a bc e9 4c 03 cc
* MAKE SURE THAT YOU COPY ONLY VALUE (THUMBPRINT NORMALLY START WITH A BLANK SPACE).
In Next Post we will see the changes that need to be done in Service Tier.
Regards,
Saurav Dhyani
saurav-nav.blogspot.in
This is second post in this series. Please make sure that you have read the first post before you start reading this post.
All the post related to this series can be found in Introduction Post.
I hope you would have finished all the steps as discussed in Post 1. Let's Move Ahead.
11. As of now if we check the certificate information we will find that its not trusted.
we now need to install the certificate & revocation list on the computer running Microsoft Dynamics NAV Server.
INSTALL CERTIFICATE -
12. Open Mmc.exe from RUN menu.
13. From File Menu Select Add/Remove Snap-in.
14. From available snap-ins select certificates and click add.
15. Select Computer account, click next and then click finish.
16. From Left hand panel select Trusted Root Certificate Authorities and then select Certificates.
17. Right Click and Select All Tasks and then select Import.
18. Click Next, Locate the file in your folder.
19. Click Next, and Finish. You will find Certificate in the list.
INSTALL REVOCATION LIST -
20. Right Click and Select All Tasks and then select Import.
21. Click Next, Locate the file in your folder (Change the File Extension to .crl).
22. Click Next, and Finish.
23. Select the Trusted Root Certificate Authorities node, and then refresh the snap-in.
24. You will find Recovation List in a new Group.
To create and install a test certificate for the Microsoft Dynamics NAV Server computer -
1. At the command prompt, type the following command:
makecert -sk NAV2013R2 -iv NAV2013R2.pvk -n "CN=NAV2013R2" -ic NAV2013R2.cer -sr localmachine -ss my -sky exchange -pe NAV2013R2.cer
This command specifies the subject’s certificate name as NAV2013R2. You need this certificate name when you configure the Microsoft Dynamics NAV Windows client or Microsoft Dynamics NAV Web Server components.
2. When you are prompted, enter the password that you used to create the root CA.
Grant Access to the certificate’s private key to the service account for Microsoft Dynamics NAV Server -
25. Open Personal and select certificate Folder From Left Menu.
26. Right Click the certificate (in my case certificate name is NAV2013R2),choose All Tasks, and then choose Manage Private Keys.
27. In the Permissions for NavServiceCert private keys dialog box, choose Add.
28. In the Select Users, Computers, Service Accounts, or Groups dialog box, enter the name of the service account that is used by Microsoft Dynamics NAV Server By default, the service account is NETWORK SERVICE. Choose OK when done.
29. In the Permissions for NavServiceCert private keys dialog box, select the account, and then select the Allow check box next to Full Control. Choose OK when done.
30.Double Click the Certificate and goto Details Tab, select Thumbprint. Copy the value of Thumbprint Shown we will require it in next step.
My Thumbprint Value is =a6 fd 3e 7c 9c 82 ef 07 7a 1f 36 73 bc ee 8a bc e9 4c 03 cc
* MAKE SURE THAT YOU COPY ONLY VALUE (THUMBPRINT NORMALLY START WITH A BLANK SPACE).
In Next Post we will see the changes that need to be done in Service Tier.
Regards,
Saurav Dhyani
saurav-nav.blogspot.in
Comments
Post a Comment