How to export ServiceBus certificates to Client Machines?

Damir Dobric Posts

Next talks:

 

Damir@Phone    

Follow me on Twitter: #ddobric



 

 

Archives

When you try to connect to service bus server from remote machine you might figure out following problem:

The X.509 certificate CN=yourhostname is not in the trusted people store. The X.509 certificate CN=yourhostname chain building failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. A certificate chain could not be built to a trusted root authority.

To solve this issue I would not recommend to get out certificates manually from Service Bus host machine and then to import them manually ! ! !

To do that go to Service Bus machine start the power shell and execute following statement:

Get-SBAutoGeneratedCA

This will create two files:

image

First file contains following self signed certificate:

image

The second one is the revocation list:

image

As next, copy these two files to the client machine which will be used to connect to service bus and open an MMC.
Go to add the Certificates snap-in, pick the Computer Account and Local Computer when asked.
Go to Certificates\Trusted Root Certification Authorities, open All Tasks, and Import AutoGeneratedCA.cer.
At the end go to Intermediate Certification Authorities and import AutoGeneratedCA.crl.

I have tried different methods to import certificates, but no one worked instead of described one.


Posted Dec 13 2012, 06:04 PM by Damir Dobric

Comments

Damir Dobric Posts wrote Windows Azure ServiceBus Visual Studio Explorer v1.8
on 01-01-2013 12:08

Visual Studio 2012 offers a new version of Service Bus Explorer which is fully integrated with Visual

DamirDobric wrote Prepare Development Machine for Workflow Manager
on 02-14-2013 8:03

If you want to develop workflows for Workflow Manager, you do not have to necessarily install the full

developers.de is a .Net Community Blog powered by daenet GmbH.