Tags

, , , , ,

Hello Everyone,

In my previous blog I settled my SSL Certificate issue and was able to bind it successfully with my CRM. To start with development,  we created a web-api and hosted it on same IIS as in CRM; it is supposed to consume the CRM webservice to do the data verification operation.

When I started the Unit testing, it threw an error: Unable to Login to Dynamics CRM

I cross checked all the credentials and everything seemed to be in place. To make sure the connection, using the same code I created a console app and tried to connect to CRM, and it was connected! 😮

This gave me goosebumps; my last resort my to enable tracing and check for errors. I enabled the tracing and found the following 2 errors:

 

======================================================================================================================
Inner Exception Level 1 : 
Source : System
Method : GetResponse
Date : 8/12/2018
Time : 8:01:53 AM
Error : The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
Stack Trace : at System.Net.HttpWebRequest.GetResponse()
at System.ServiceModel.Description.MetadataExchangeClient.MetadataLocationRetriever.DownloadMetadata(TimeoutHelper timeoutHelper)
at System.ServiceModel.Description.MetadataExchangeClient.MetadataRetriever.Retrieve(TimeoutHelper timeoutHelper)
======================================================================================================================
Inner Exception Level 2 : 
Source : System
Method : StartSendAuthResetSignal
Date : 8/12/2018
Time : 8:01:53 AM
Error : The remote certificate is invalid according to the validation procedure.
Stack Trace : at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, Exception exception)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)
at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size)
at System.Net.ConnectStream.WriteHeaders(Boolean async)
======================================================================================================================

 

Now I knew the exact error; the hosted API was not able to maintain a trust connection with CRM because of the SSL certificate. I searched for an article to handle/ignore the SSL Certificate issue in my code and came acrosss this piece of code:

ServicePointManager.ServerCertificateValidationCallback = delegate (object s, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) { return true; };

 

 

I added it just before I start the connection to CRM and viola, it worked this time! 😀

SSL_CRM_certSSL_CRM

 

 

While I was browsing through some articles, I found few articles which describe the issue in detail here and here; it’s worth reading them once for a better understanding of handling SSL cert in the code.

Hope this will be helpful. Thanks ! 🙂