[midPoint] Self-signed SSL certificate problem with exchange connector

Ivan Noris ivan.noris at evolveum.com
Wed Jun 24 13:57:29 CEST 2015


"It *seems* that the Connector Server user must be member of local
"Administrators" group to be able to access the certificate store! (If
you are not using "Domain Admins" group for security reasons.)"

in https://wiki.evolveum.com/display/midPoint/.NET+Connector+Server

Ivan

On 06/24/2015 01:55 PM, Ivan Noris wrote:
> Please try to add that account to local Administrators on that
> computer (not Domain Administators). I remember situation where this
> helped. I also remember to have written it somewhere :-(
>
> Ivan
>
> On 06/24/2015 01:50 PM, Ващенков Алексей wrote:
>>
>> Thanks.
>>
>> I helped a little bit. The documentation doesn’t pointed that also I
>> need to add the certificate to trusted roots using mmc.
>>
>> After we imported certificate and add it ti trusted roots I’ve got an
>> access denied exception. We try to start connector as System and as
>> Administrator but in both cases access exception throws.
>>
>> May be I miss some preferences?
>>
>>  
>>
>> *From:*midPoint [mailto:midpoint-bounces at lists.evolveum.com] *On
>> Behalf Of *Ivan Noris
>> *Sent:* Wednesday, June 24, 2015 10:54 AM
>> *To:* midpoint at lists.evolveum.com
>> *Subject:* Re: [midPoint] Self-signed SSL certificate problem with
>> exchange connector
>>
>>  
>>
>> Hi Алексей,
>>
>> please check your steps with
>> https://wiki.evolveum.com/display/midPoint/.NET+Connector+Server
>>
>> Last time I was connecting AD through SSL, it helped me.
>>
>> Regards,
>> Ivan
>>
>> On 06/24/2015 09:42 AM, Ващенков Алексей wrote:
>>
>>     Hi.
>>
>>     We use self-signed certificate for connection to powershell. In
>>     process to add account using Exchange connector throws an exception
>>
>>     ====
>>
>>     The SSL certificate is signed by an unknown certificate
>>     authority. For more information, see the
>>     about_Remote_Troubleshooting Help topic. Cannot validate argument
>>     on parameter 'Session'. The argument is null. Supply a non-null
>>     argument and try the command again.
>>
>>     We have added certificate to trusted roots in internet settings.
>>     But it doesn’t take any effect.
>>
>>     What should we do to prevent this exception throwning?
>>
>>
>>
>>
>>     _______________________________________________
>>
>>     midPoint mailing list
>>
>>     midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>>
>>     http://lists.evolveum.com/mailman/listinfo/midpoint
>>
>>
>>
>> -- 
>>   Ing. Ivan Noris
>>   Senior Identity Management Engineer & IDM Architect
>>   evolveum.com                     evolveum.com/blog/
>>   ___________________________________________________
>>   "Semper Id(e)M Vix."
>>
>>
>> _______________________________________________
>> midPoint mailing list
>> midPoint at lists.evolveum.com
>> http://lists.evolveum.com/mailman/listinfo/midpoint
>
> -- 
>   Ing. Ivan Noris
>   Senior Identity Management Engineer & IDM Architect
>   evolveum.com                     evolveum.com/blog/
>   ___________________________________________________
>   "Semper Id(e)M Vix."
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint

-- 
  Ing. Ivan Noris
  Senior Identity Management Engineer & IDM Architect
  evolveum.com                     evolveum.com/blog/
  ___________________________________________________
  "Semper Id(e)M Vix."

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20150624/14fa524a/attachment.htm>


More information about the midPoint mailing list