Hi all,
OK, so this might be the mother of all complex NAV 2009 deployments, but this is the NAV community, so I hope you can give me some answers.
Our client requires implementing SSL web services for their NAV 2009 implementation. I have already set them up for three tiers on three computers (as per their request), and I also successfully configured basic non-SSL web services, and they both work beautifully. I can access my web services from the Dynamics NAV Server PC, from within the domain, and from outside the domain. I've set up the SPNs and everything WAS just humming and singing along nicely.
Now...they want us to configure the webservices to use SSL. So, I went through the following steps, as per all the MSDN documentation I could find:
1) Get the SSL certificate
2) Save it to the local Computer store
3) Fetch the certificate thumbprint
4) Use "netsh http" to register url acls - httpcfg was garbage...I continued to get the return code 183.
5) I changed the CustomSettings.config to enable SSL webservices
6) Restarted BOTH Dynamics NAV service and Web Services service
And now...I get an HTTP 500 Internal Error when I try to access the web services from Internet Explorer. I changed the IE settings so I no longer see friendly error messages, and I found out that it was a NavPasswordException error. It turns out with SSL, my SQL Server is no longer accepting my login credentials, EVEN THOUGH THEY ARE EXACTLY THE SAME AS BEFORE SSL.
Now I got the same error message before when trying to run web services without SSL, and I was able to solve this by adding the SPNs and removing any duplicates that were found. And although it did work without SSL, now with SSL and even after adding the SPNs it is not working.
What am I missing here? Please help me out. I'll wait for your feedback.
Regards,
Mohamad
Mohamad El-Sadek, MCP, MBSS, MCTS
G.R. & Associates, Inc.
Comments
Just a quick heads up. I was FINALLY able to set up Dynamics NAV 2009 Web Services for 3 Tiers/3 Machines WITH SSL. I've created a document detailing all the steps from top to bottom and some of the pitfalls and challenges that can be encountered when dealing with such a complex setup. If anyone is interested in the article, I'll be happy to share it with you.
Regards,
Mohamad
G.R. & Associates, Inc.
Independent Consultant/Developer
blog: https://dynamicsuser.net/nav/b/ara3n
Sadly it wasn't the setting HTTPS SPN, although you'd think Microsoft would mention something like this in their MSDN articles. I already had the HTTPS SPN set up, but no go.
The "Use Kerberos Only" option on the designated Domain User Account was the problem. Once I switched the option to "Use any authentication protocol", I was finally able to consume the web services.
G.R. & Associates, Inc.
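
Added example, not part of the thread and not the poster's own tooling: the two checks discussed above (duplicate SPNs, and "Use Kerberos only" versus "Use any authentication protocol" on the service account) expressed as an audit over exported Active Directory attributes. The account names, host names and SPN values are constructed; the `userAccountControl` flag values are the standard ones.

```python
# Added example: sample records are constructed, not taken from the thread.
from collections import defaultdict

TRUSTED_FOR_DELEGATION = 0x80000            # unconstrained delegation
TRUSTED_TO_AUTH_FOR_DELEGATION = 0x1000000  # protocol transition ("any authentication protocol")

def delegation_mode(account):
    """Map userAccountControl + msDS-AllowedToDelegateTo to the Delegation tab wording."""
    uac = account["userAccountControl"]
    targets = account.get("msDS-AllowedToDelegateTo", [])
    if uac & TRUSTED_FOR_DELEGATION:
        return "unconstrained"
    if not targets:
        return "none"
    if uac & TRUSTED_TO_AUTH_FOR_DELEGATION:
        return "constrained: any authentication protocol"
    return "constrained: Kerberos only"

def duplicate_spns(accounts):
    """Return {spn: [accounts]} for SPNs registered on more than one account."""
    owners = defaultdict(set)
    for acct in accounts:
        for spn in acct.get("servicePrincipalName", []):
            owners[spn.lower()].add(acct["sAMAccountName"])  # SPNs compare case-insensitively
    return {spn: sorted(names) for spn, names in owners.items() if len(names) > 1}

# Constructed directory export (hypothetical account and host names).
ACCOUNTS = [
    {"sAMAccountName": "svc-nav", "userAccountControl": 0x200,
     "servicePrincipalName": ["HTTPS/navsrv.example.test", "HTTP/navsrv.example.test"],
     "msDS-AllowedToDelegateTo": ["MSSQLSvc/sqlsrv.example.test:1433"]},
    {"sAMAccountName": "svc-nav-old", "userAccountControl": 0x200,
     "servicePrincipalName": ["https/NAVSRV.example.test"]},
    {"sAMAccountName": "svc-nav-fixed",
     "userAccountControl": 0x200 | TRUSTED_TO_AUTH_FOR_DELEGATION,
     "servicePrincipalName": ["HTTPS/navsrv2.example.test"],
     "msDS-AllowedToDelegateTo": ["MSSQLSvc/sqlsrv.example.test:1433"]},
]

def report(accounts):
    """One line per account with its delegation mode, then any duplicate SPNs."""
    lines = [f'{a["sAMAccountName"]}: {delegation_mode(a)}' for a in accounts]
    for spn, names in sorted(duplicate_spns(accounts).items()):
        lines.append(f"duplicate SPN {spn}: {', '.join(names)}")
    return lines

if __name__ == "__main__":
    print("\n".join(report(ACCOUNTS)))
```

"Use any authentication protocol" enables protocol transition for the account, so the `msDS-AllowedToDelegateTo` list on it is worth keeping as narrow as the deployment allows.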