[midPoint] Self-signed SSL certificate problem with exchange connector

Ivan Noris ivan.noris at evolveum.com
Wed Jun 24 14:41:44 CEST 2015


No; but in my scenario I had to be in local Administrators group to be
able to access the certificate store on the machine where Connector
Server runs.

Can you be more precise about the Access Denied exception?

Ivan

On 06/24/2015 02:04 PM, Ващенков Алексей wrote:
>
> The user is in both groups local and domain administrators.
>
> Do you suppose that user must be only in local administrator group?
>
> * *
>
> *Sent:*Wednesday, June 24, 2015 2:55 PM
> *To:* midpoint at lists.evolveum.com
> *Subject:* Re: [midPoint] Self-signed SSL certificate problem with
> exchange connector
>
>  
>
> Please try to add that account to local Administrators on that
> computer (not Domain Administators). I remember situation where this
> helped. I also remember to have written it somewhere :-(
>
> Ivan
>
> On 06/24/2015 01:50 PM, Ващенков Алексей wrote:
>
>     Thanks.
>
>     I helped a little bit. The documentation doesn’t pointed that also
>     I need to add the certificate to trusted roots using mmc.
>
>     After we imported certificate and add it ti trusted roots I’ve got
>     an access denied exception. We try to start connector as System
>     and as Administrator but in both cases access exception throws.
>
>     May be I miss some preferences?
>
>      
>
>     *From:*midPoint [mailto:midpoint-bounces at lists.evolveum.com] *On
>     Behalf Of *Ivan Noris
>     *Sent:* Wednesday, June 24, 2015 10:54 AM
>     *To:* midpoint at lists.evolveum.com <mailto:midpoint at lists.evolveum.com>
>     *Subject:* Re: [midPoint] Self-signed SSL certificate problem with
>     exchange connector
>
>      
>
>     Hi Алексей,
>
>     please check your steps with
>     https://wiki.evolveum.com/display/midPoint/.NET+Connector+Server
>
>     Last time I was connecting AD through SSL, it helped me.
>
>     Regards,
>     Ivan
>
>     On 06/24/2015 09:42 AM, Ващенков Алексейwrote:
>
>         Hi.
>
>         We use self-signed certificate for connection to powershell.
>         In process to add account using Exchange connector throws an
>         exception
>
>         ====
>
>         The SSL certificate is signed by an unknown certificate
>         authority. For more information, see the
>         about_Remote_Troubleshooting Help topic. Cannot validate
>         argument on parameter 'Session'. The argument is null. Supply
>         a non-null argument and try the command again.
>
>         We have added certificate to trusted roots in internet
>         settings. But it doesn’t take any effect.
>
>         What should we do to prevent this exception throwning?
>
>
>
>
>
>         _______________________________________________
>
>         midPoint mailing list
>
>         midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>
>         http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
>
>
>     -- 
>
>       Ing. Ivan Noris
>
>       Senior Identity Management Engineer & IDM Architect
>
>       evolveum.com                     evolveum.com/blog/
>
>       ___________________________________________________
>
>       "Semper Id(e)M Vix."
>
>
>
>
>     _______________________________________________
>
>     midPoint mailing list
>
>     midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>
>     http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
>
> -- 
>   Ing. Ivan Noris
>   Senior Identity Management Engineer & IDM Architect
>   evolveum.com                     evolveum.com/blog/
>   ___________________________________________________
>   "Semper Id(e)M Vix."
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint

-- 
  Ing. Ivan Noris
  Senior Identity Management Engineer & IDM Architect
  evolveum.com                     evolveum.com/blog/
  ___________________________________________________
  "Semper Id(e)M Vix."

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20150624/35b3a900/attachment.htm>


More information about the midPoint mailing list