I plan to use PowerBI and access Acumatica Azure Site from OData Query.
The Acumatica Installation is on Azure https://commtexdemo61.cloudapp.net and I am able to get the XML from https://commtexdemo61.cloudapp.net/odata/Company using my userid : admin and Password : sameer. This is having the Rapidbyte Demo.
Acumatica is displayed as Untrusted !
However when accessing through Excel/PowerBI - I am getting an error : The underline connection is closed. Could not establish trust relationship for the SSL/TLS secure channel. The remote certificate is invalid according to the validation procedure.
How to solve this !
This is a self-signed SSL certificate. It is not trusted by web browsers or by PowerBI. You've probably noticed that you get a similar warning when connecting using your browser. You have two options:
Use an unencrypted connection / HTTP instead of HTTPS
Get a trusted certificate from an authority like Comodo or Verisign (there are hundreds of options - just Google for SSL certificates)
Related
I am getting error (Could not establish secure channel for SSL/TLS with authority 'www.docusign.net'.) when we are calling login web method of this web service (i.e. https://www.docusign.net/api/3.0/credential.asmx)
There's a few things this could be. I'd recommend checking the following first:
TLS 1.0 is not supported - you'll need to confirm your application is using TLS 1.1 or 1.2
Your application may not trust the DocuSign certificate chain. From the DocuSign Trust Site's Certificate list, the DigiCert root CA (969 bytes): Root CA for Demo/NA1/NA2/NA3/EU SSL certificates must be accepted.
Networking issues: Your firewall may be altering or blocking the connection to DocuSign. Can you make a successful SOAP Ping?
I was facing the same problem.
You just need to paste this code on the top of that code that was throwing this exception.
ServicePointManager.SecurityProtocol = (SecurityProtocolType)3072;
And don't forget to add the namespace
using System.Net;
I have been able to access Service Fabric Explorer with no problem, using a client certificate generated from Azure. The client certificate is still valid.
We recently added a new server certificate with a new thumbprint and set it to primary. (The previous server cert is secondary and hasn't been removed, if that matters.)
Now when I visit https://<name>.centralus.cloudapp.azure.com:19080/Explorer I get an error that varies by browser. There's no link to click through and ignore the warning.
In Edge: The website’s security certificate is not secure. Error Code: 0
In Chrome: You cannot visit <name>.centralus.cloudapp.azure.com right now because the website sent scrambled credentials that Google Chrome cannot process.
I can connect using the new certificate thumbprint via PowerShell.
You will need to add the certificate thumbprint under the cluster's client security.
I have set up a hyperledger rest server using HTTPS and TLS. I'm wondering why my browser says the connection is not secure though. See images below:
Connection not secure
Root certificate not trusted
Do you have to make your own certificates so that they are trusted, or does anyone have any info on how to fix this?
Where did you get your certificates from? If you did not request and obtain them from a trusted CA then this is expected behaviour on a typical Dev environment. (Perhaps you just used the default certificates from Composer.)
In a production scenario you would request and use certificates that you had obtained (purchased probably) from your organisations usual CA.
This is not a Composer specific problem, but a general HTTP feature.
I have a cloud service and an Azure APIM instance with a self signed client cert setup on them (the cert has intended purposes of server auth and client auth).
Each API within the APIM has the client cert setup on its security. However, when I perform the call the following comes back in the trace.
"messages":["Error occured while calling backend service.","The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.","The remote certificate is invalid according to the validation procedure."
Is there anything I am missing here, searching online and cannot see anything obvious.
Yes you are correct, the option is not available in the portal to allow self-signed certificates. Here is a blogpost by Sasha Rosenbaum: http://divineops.net/enable-self-signed-certificates-in-azure-api-management-services/
Here basically you are skipping the certificate verification using "skipCertificateChainValidation" attribute.
You can create a backend entity through power shell scripts to skipcertifioc
I created a self signed certificate using makecert in Microsoft's SDK. The certificate name is the same as the server and I have added it to the Trusted Root Certificate store on the client. When I look at the certificate in Chrome, it shows as ok. But when I attempt to access the site, I receive the error:
You attempted to reach [website name], but the server presented a certificate issued by an entity that is not trusted by your computer's operating system. This may mean that the server has generated its own security credentials, which Chrome cannot rely on for identity information, or an attacker may be trying to intercept your communications.
How can I get around this issue and force my operating system to trust this certificate?
the first thing to do is to test using Internet Explorer. If it doesn't work there, then something is wrong with the cert or the installation.
If it does work in I.E., then you've likely used the unqualified server hostname in the cert, and Chrome specifically does not like that. So, if you've set the common name to something like ServerName, you need to create a new cert with a fully-qualified name (such as ServerName.com) and then use that host name to access the site instead.