Friday, February 9, 2018

How to Manually Replace the Web Client SSL Certificates

I finally managed to get to this video! Every so often I come across Community forum posts requesting instructions on how to replace an expired certificate being used with the Microsoft Dynamics GP web client. The traditional response has always been to uninstall and reinstall the web client after replacing the certificate in IIS (single-machine installation), or to repair the installation (custom install). I frankly find those two processes a bit cumbersome and prone to errors, since system administrators often need to remember steps and entries that they may not even have initiated themselves.




The procedures I outline in this video make use of the netsh command prompt utility to accomplish this and I intend to soon publish a PowerShell script that would automate the entire process altogether. For now, enjoy this video and don't forget to provide your feedback.

Until next post,

MG.-
Mariano Gomez, MVP

2 comments:

Corey said...

Mariano - This worked like a charm! Thank you for documenting this process in video form. I look forward to your Powershell script to automate this process. It is much easier than reloading the Web Client when the certificate expires and it helped me to better understand how all of the pieces come together when troubleshooting the web client. Thank you again my friend!

Best Regards,
Corey Clay
NexTec Group

Brian Miller said...

FYI our simple install (only have the web component to worry about) seemed to work fine doing the IIS cert renewal procedure without having to change anything else manually. Basically you select the cert that is about to expire in IIS and request a renewal for later and it gives you the cert CSR to submit to your cert provider. Then you go to the cert provider and renew the cert there using that CSR and download the renewed cert. THEN finally you go finalize the renewal back in IIS and point it at the info downloaded from the cert provider.

That seemed to do the trick and all the netsh info you provided in the video updated to the new cert.