How to Create and use Self-signed SSL Certificate for Dynamics NAV

Introduction

  • This article explains how to create an SSL certificate for a Test environment.
  • For a Live environment, you must purchase SSL certificate from a certification authority, for example ComodoSymantecDigicert, etc.
  • Keep a copy of Certificate Thumbprint and a copy of the Certificate generated.

Pre-Requisites

Download Self-signed certificate generator (PowerShell).


Create SSL Certificate

  1. Open Windows Powershell ISE – Run as administrator
  2. Know you Execution Policy:
    1. The following command gets the current execution policy: Get-ExecutionPolicy
    2. If it is Restricted, change the Execution Policy, for example in this case: Set-ExecutionPolicy -ExecutionPolicy RemoteSigned


  1. Go to the location where you saved the New-SelfSignedCertificateEx.ps1 file.
  2. Run the following command:
    Import-Module .\New-SelfSignedCertificateEx.ps1


  1. Run the following command, where you can find the <Full Computer Name> from system properties:
    New-SelfSignedCertificateEx –Subject “CN=<Full Computer Name>” –IsCA $true –Exportable –StoreLocation LocalMachine



  1. Copy and Save the Thumbprint for later use.

Manage Certificate

  1. Open Microsoft Management Console (mmc.exe)


  1. Click FileAdd/Remove Snap-in
  2. Select Certificates
  3. Click Add
  4. Select the Computer Account
  5. Click Finish and OK


Locate the Certificate

Now you can locate the Certificate under: Console RootCertificates (Local Computer)PersonalCertificates.

  • The name will be same as your service tier Machine.The Expiration Date Will be 1Y-2D (01 Year – 02 Days) for that certificate and it will be valid from 01 Day Before you create Certificate.

Assign Permissions to Certificate

  1. Right Click on the certificate.
  2. Click All TasksManage Private Keys
  3. Add Permission for the Account which is used to Run Dynamics NAV Services.


Copy and Paste Certificate

  1. Copy the Certificate from PersonalCertificates node.
  2. Paste the certificate into the Trusted Root Certification AuthoritiesCertificates node.


Download and Save the Certificate

  1. Right-click and Export the certificate


  1. Select the No, do not export the private key option


  1. Choose Next
  2. Select DER encoded binary x.509 (.cer)


  1. Specify a File Name and Finish the wizard. For example, here we have saved it as “NAV_Certificate.cer”.


  1. Copy and Save the certificate for later use.
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s