When you try to connect to service bus server from remote machine you might figure out following problem:
The X.509 certificate CN=yourhostname is not in the trusted people store. The X.509 certificate CN=yourhostname chain building failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. A certificate chain could not be built to a trusted root authority.
To solve this issue I would not recommend to get out certificates manually from Service Bus host machine and then to import them manually ! ! !
To do that go to Service Bus machine start the power shell and execute following statement:
Get-SBAutoGeneratedCA
This will create two files:
First file contains following self signed certificate:
The second one is the revocation list:
As next, copy these two files to the client machine which will be used to connect to service bus and open an MMC.
Go to add the Certificates snap-in, pick the Computer Account and Local Computer when asked.
Go to Certificates\Trusted Root Certification Authorities, open All Tasks, and Import AutoGeneratedCA.cer.
At the end go to Intermediate Certification Authorities and import AutoGeneratedCA.crl.
I have tried different methods to import certificates, but no one worked instead of described one.
Posted
Dec 13 2012, 06:04 PM
by
Damir Dobric