Comments on: Correctly Installing a Certificate for Two-Factor Authentication via the HTTP Send Adapter http://www.modhul.com/2008/06/04/correctly-installing-a-certificate-for-two-factor-authentication-via-the-http-send-adapter/ Experiences of a UK BizTalk Consultant Wed, 01 Feb 2012 18:36:16 +0000 hourly 1 http://wordpress.org/?v=3.3 By: Kir http://www.modhul.com/2008/06/04/correctly-installing-a-certificate-for-two-factor-authentication-via-the-http-send-adapter/comment-page-1/#comment-2088 Kir Thu, 08 Dec 2011 15:19:15 +0000 http://www.modhul.com/?p=141#comment-2088 After dozen of articles, hundreds of tries I've finally got it working. Here are the steps: 1. Install public cert (.cer file) into Local Computer store under Other People. This will enable you to choose your certificate in SendPort properties window on the Certificate tab. You also need to copy your certificate footprint onto the Authentication tab of the Transport Type Properties window. 2. Install public cert into your Current User Personal store(if you're using different account than the corresponding Host Instance account). This will enable you to select your certificate on the Certificate tab of the Host Properties window) 3. Login as the user of you Host Instance. Install your public cert into Current User Personal store. This will enable the Host Instance account to use the cert for encryption of outgoing messages. Note: the address of the send port should be exactly the same as the address that your cert is issued to. For example, if your cert is issued to yourserver.yourdomain.com then you cannot set localhost or IP for the send port address, even if you can access it like that. After dozen of articles, hundreds of tries I’ve finally got it working.
Here are the steps:
1. Install public cert (.cer file) into Local Computer store under Other People. This will enable you to choose your certificate in SendPort properties window on the Certificate tab. You also need to copy your certificate footprint onto the Authentication tab of the Transport Type Properties window.
2. Install public cert into your Current User Personal store(if you’re using different account than the corresponding Host Instance account). This will enable you to select your certificate on the Certificate tab of the Host Properties window)
3. Login as the user of you Host Instance. Install your public cert into Current User Personal store. This will enable the Host Instance account to use the cert for encryption of outgoing messages.

Note: the address of the send port should be exactly the same as the address that your cert is issued to. For example, if your cert is issued to yourserver.yourdomain.com then you cannot set localhost or IP for the send port address, even if you can access it like that.

]]> By: Nick Heppleston http://www.modhul.com/2008/06/04/correctly-installing-a-certificate-for-two-factor-authentication-via-the-http-send-adapter/comment-page-1/#comment-352 Nick Heppleston Fri, 06 Feb 2009 21:07:28 +0000 http://www.modhul.com/?p=141#comment-352 Thanks for the feedback Mark, much appreciated. Thanks for the feedback Mark, much appreciated.

]]> By: Mark http://www.modhul.com/2008/06/04/correctly-installing-a-certificate-for-two-factor-authentication-via-the-http-send-adapter/comment-page-1/#comment-350 Mark Fri, 06 Feb 2009 12:21:06 +0000 http://www.modhul.com/?p=141#comment-350 Hi Nick, A very useful article. Just wanted to advise that I found it necessary to add the required certificates to the correct stores whilst logged onto the machine using the account that the send host runs under. If I tried to use the certificates snap-in as a service account, the send port fails to find the client certificate giving the error message "The client certificate is not found in the certificate store Parameter name: Certificate". Cheers Mark Hi Nick,

A very useful article. Just wanted to advise that I found it necessary to add the required certificates to the correct stores whilst logged onto the machine using the account that the send host runs under. If I tried to use the certificates snap-in as a service account, the send port fails to find the client certificate giving the error message “The client certificate is not found in the certificate store
Parameter name: Certificate”.

Cheers
Mark

]]> By: Atte http://www.modhul.com/2008/06/04/correctly-installing-a-certificate-for-two-factor-authentication-via-the-http-send-adapter/comment-page-1/#comment-277 Atte Wed, 19 Nov 2008 15:19:42 +0000 http://www.modhul.com/?p=141#comment-277 Hi, I had this similar error message and tried all of the things you suggested. It did not work. DNS services were not enabled in the server I was running and I was accessing the remote website using ip-address. The Certificate was of course issued to the full domain name of the remote server. So I added the name of the server to my servers hosts file and changed the address of the http-port to use that domain name... After doing so, everything works like a charm. Atte Hi,

I had this similar error message and tried all of the things you suggested. It did not work.
DNS services were not enabled in the server I was running and I was accessing the remote website using ip-address. The Certificate was of course issued to the full domain name of the remote server. So I added the name of the server to my servers hosts file and changed the address of the http-port to use that domain name… After doing so, everything works like a charm.

Atte

]]> By: SOAP Adapter - Confusing error with an untrusted Root Certificate Authority at At the Coalface: A BizTalk Blog http://www.modhul.com/2008/06/04/correctly-installing-a-certificate-for-two-factor-authentication-via-the-http-send-adapter/comment-page-1/#comment-143 SOAP Adapter - Confusing error with an untrusted Root Certificate Authority at At the Coalface: A BizTalk Blog Wed, 30 Jul 2008 12:07:38 +0000 http://www.modhul.com/?p=141#comment-143 [...] recently wrote about problems with two-factor authentication and installing a certificate in the correct certificate store. Well, we’ve had similar problems, this time securing the transport link on a SOAP adapter, [...] [...] recently wrote about problems with two-factor authentication and installing a certificate in the correct certificate store. Well, we’ve had similar problems, this time securing the transport link on a SOAP adapter, [...]

]]>