Every 15 minutes, CRM Logging the below errors
Event 25089, MSCRMMonitoringTest
Event 18797, MSCRMMonitoringTest
I found 2 expired (invalid) certificates on the servers (Deployment & all UI Servers).
Workaround solution to fix the above logging error
1. Delete older one (yellow color tag) certificate from all servers
A) Run cmd -> type mmc -> Console Root window -> File menu -> select Add/Remove Snap-ins -> Add Cerificate -> Select(Computer account) -> Finish -> OK.
B) Console Root -> Certificates (Local Computer) -> Personal -> Certificates
-> Select old cerificate (date ended with '02/15/2017' ) -> Delete.
2. Re run ‘Configure Claims-Based Authentication’ tool from CRM Deployment Manager.
3. After 15 minutes, you see the log with succeded message
Event 25089, MSCRMMonitoringTest
A certificate registered for use by Microsoft Dynamics CRM has expired. Certificate type: TrustedIssuer Certificate Name: http://<URL>/adfs/services/trust Expiration Date: 1/11/2016 6:00:00 AM Store Location: Store Name:
Event 18797, MSCRMMonitoringTest
Monitoring test failed: Test Title: Trusted Issuer Certificate test: Machine: <MACHINE_NAME>: ServerRole: DiscoveryService, Portal, ApiServer
Test Log:
Retrieving certificate data from config DBVerifying TrustedIssuer certificate. Name=http://<URL>/adfs/services/trustTrustedIssuer certificate is not stored in local store: It is contained in the config DB. Name=http://<URL>/adfs/services/trustCertificate Lifespan: Valid from 09/14/2014 19:00:00 to 01/11/2016 06:00:00Failure: Certificate has expiredVerifying TrustedIssuer certificate. Name=http://<URL>/adfs/services/trustTrustedIssuer certificate is not stored in local store: It is contained in the config DB. Name=http://<URL>/adfs/services/trustCertificate Lifespan: Valid from 10/12/2015 19:00:00 to 02/15/2017 06:00:00Remaining certificate lifespan 21.7 % is greater than the configured threshold of 10.0 %Certificate is not nearing expiration.
Test Log:
Retrieving certificate data from config DBVerifying TrustedIssuer certificate. Name=http://<URL>/adfs/services/trustTrustedIssuer certificate is not stored in local store: It is contained in the config DB. Name=http://<URL>/adfs/services/trustCertificate Lifespan: Valid from 09/14/2014 19:00:00 to 01/11/2016 06:00:00Failure: Certificate has expiredVerifying TrustedIssuer certificate. Name=http://<URL>/adfs/services/trustTrustedIssuer certificate is not stored in local store: It is contained in the config DB. Name=http://<URL>/adfs/services/trustCertificate Lifespan: Valid from 10/12/2015 19:00:00 to 02/15/2017 06:00:00Remaining certificate lifespan 21.7 % is greater than the configured threshold of 10.0 %Certificate is not nearing expiration.
I found 2 expired (invalid) certificates on the servers (Deployment & all UI Servers).
Workaround solution to fix the above logging error
1. Delete older one (yellow color tag) certificate from all servers
A) Run cmd -> type mmc -> Console Root window -> File menu -> select Add/Remove Snap-ins -> Add Cerificate -> Select(Computer account) -> Finish -> OK.
B) Console Root -> Certificates (Local Computer) -> Personal -> Certificates
-> Select old cerificate (date ended with '02/15/2017' ) -> Delete.
2. Re run ‘Configure Claims-Based Authentication’ tool from CRM Deployment Manager.
3. After 15 minutes, you see the log with succeded message
Monitoring test succeeded: Test Title: Trusted Issuer Certificate test: Machine: <MACHINE_NAME>: ServerRole: DiscoveryService, Portal, ApiServer
Test Log:
Retrieving certificate data from config DBVerifying TrustedIssuer certificate. Name=http://<URL>/adfs/services/trustTrustedIssuer certificate is not stored in local store: It is contained in the config DB. Name=http://<URL>/adfs/services/trustCertificate Lifespan: Valid from 10/12/2015 19:00:00 to 02/15/2017 06:00:00Remaining certificate lifespan 21.3 % is greater than the configured threshold of 10.0 %Certificate is not nearing expiration.
Test Log:
Retrieving certificate data from config DBVerifying TrustedIssuer certificate. Name=http://<URL>/adfs/services/trustTrustedIssuer certificate is not stored in local store: It is contained in the config DB. Name=http://<URL>/adfs/services/trustCertificate Lifespan: Valid from 10/12/2015 19:00:00 to 02/15/2017 06:00:00Remaining certificate lifespan 21.3 % is greater than the configured threshold of 10.0 %Certificate is not nearing expiration.
No comments:
Post a Comment