Microsoft CRM IFD SSL Certificate Renewal

Following on from our very popular IFD configuration for Microsoft CRM.

http://www.interactivewebs.com/blog/index.php/server-tips/microsoft-crm-2011-how-to-configure-ifd-hosted-setup/

The time will come around where you need to renew the SSL certificate for your CRM IFD configuration.

This will include the renewal of the SSL certificate as used by IIS and and ADFS. Couple of steps we followed based exactly on the configuration outlined in our above linked blog post.

Generate a new SSL Request.

1. Open IIS Manager and click on server certificates.

image

2. Create certificate request

image

3. Fill in the data:

image Next

4. Change to 2048 Bit

image

5. Give it a name:

image

Finish and you are done.

Now Open the certificate text file and copy the text to your clip board, or use this with your certificate authority to issue you a new Wild Card Certificate. *.interactivewebs.com is what we use.

To get the certificate we use a service called “startssl.com” who allow you to issue certificates like this for 2 years for free once you are validated as a user.

Complete the Certificate Request

Once the new certificate has been issued to you you need to complete the request on IIS.

1. In IIS Manager click on Complete Certificate Request

image

2. Browse to the certificate from your issuer provider and give it a friendly name. We like to use a year in the name to help distinguish from the old one.

image

Finish the import.

Change the certificate used by IIS

1. Expand the two sites on the CRM server and click on Default Website first then Bindings / https

image

Then EDIT

2. Select the new certificate that you just imported and click on OK

image

3. Repeat this process fro the Microsoft Dynamics CRM website

image

selecting the new certificate here and OK.

4. Restart IIS

Set Permissions on SSL Certificate

1.  Click Start, and then click Run.
2.  Type MMC.
3.  On the File menu, click  Add/Remove Snap-in.
4.  In the Available snap-ins list, select Certificates, and then click Add. The Certificates Snap-in Wizard starts.
5.  Select Computer account, and then click Next.
6.  Select Local computer: (the computer this console is running on), and then click Finish.
7.  Click OK.
8.  Expand Console Root\Certificates (Local Computer)\Personal\Certificates.
9.  Right-click Certificates, click All Tasks, and then click Import.

Step 2: Add to the ADFS service account the permissions to access the private key of the new certificate. To do this, follow these steps:

1.  With the local computer certificate store still open, select the certificate that was just imported.
2.  Right-click the certificate, click All Tasks, and then  click Manage Private Keys.
3.  Add the account that is running the ADFS Service, and then give the account at least read permissions. (for us this is the Network Service)

Run the Deployment Manager with new Certificate

1. Run the CRM deployment manager:

image

2. Run the Configure Claims-based Authentication

image

Select the default settings.

image

image

Which should be the default from your IFD setup

But when you get to the Certificate, you need to select the new certificate.

image

image

Which should be visible from the list after importing it in the steps above.

3. Run the Configure Internet Facing Deployment action and just step though it with the default settings.

image

4. Restart the AD FS 2.0 Windows Service

image

Configure AD

Set the Service Communication Certificate

1. Start AD FS 2.0 Management

image

2. Expand certificates and select Set Service Communications Certificate

image

3. Select the new certificate that will be listed here.

image

Update Relying Party Trusts

1. From the AD FS 2.0 Management, Select your replying party trusts and update from the federation metadata one by one.

image

Update both listed. They will likely have a red cross before you do this.

Restart Services

Restart AD FS Service:

image

and restart IIS the usual way.

And you should be done. Login to your CRM IFD again and enjoy.

Please feel free to link to / reference this blog. Comments welcome below.

Font Icons Not Displaying in Internet Explorer IE 9 / 10

With the Bulk Emailer application we have used font icons to improve response and scalability with different devices. So far we have been happy with how they work using some boot strap code that is used for our user interface.

What we have noticed, and it’s no big surprise… Internet Explorer 9 and IE 10 will not display font icons correct.

What you should see is this:

image

But ends up rendering like this:

image

The Problem is WOFF Fonts on IIS

For IIS 6 and later, they do not handle WOFF fonts as icons for Internet Explorer. Most other browsers will support them, however IE like usual will behave like a black sheep.

There appears to be two solutions to this problem.

Solution 1 – Adding a MIME type to Internet Information Server IIS

Add the following MIME type to the IIS server settings.

  • .woff application/x-woff
    1. Open IIS Manager and navigate to the level you want to manage. For information about opening IIS Manager, see Open IIS Manager (IIS 7). For information about navigating to locations in the UI, see Navigation in IIS Manager (IIS 7).

    2. In Features View, double-click MIME Types.

    3. In the Actions pane, click Add.

    4. In the Add MIME Type dialog box, type a file name extension in the File name extension text box. For example, type .xyz.

    5. Type a MIME type in the MIME type text box. For example, type application/octet-stream.

    6. Click OK.

image

Solution 2 – Adding some code to the web.config

A lot of people don’t have access to configure IIS in DotNetNuke, so you can add the following to the web.config.

Under the yellow below add the green lines

<system.webServer>
    <staticContent>

       <mimeMap fileExtension=”.woff” mimeType=”application/x-font-woff” />
    </staticContent>
  </system.webServer>

This should get you out of trouble.

XML Sitemap Generator for WordPress There was a problem writing your sitemap file IIS Fix

If you are hosted on IIS for your wordpress site, you will notice that when you go to your XMP Sitemap Generator for WordPress, you notice a problem reported:

There was a problem writing your sitemap file. Make sure the file exists and is writable.

There was a problem writing your zipped sitemap file. Make sure the file exists and is writable.

In Red.

This is telling you that the auto update process for the XML Sitemap Generator for WordPress plugin has failed to create the files needed. If you click on the Rebuild the sitemap link it will manually rebuild.

The Fix

Easy one. On IIS servers, all paths for files require a \ (backslash) where the auto detected path will put a / (forward slash) after the end of the true path and before the sitemap.xml file.

image

Just update it in the Custom Location to the correct \ and save the changes. This will address the problem.

image

Bulk Emailer–Customer Review

image

I wanted to place this review on the DNN store but there is no review button in my download page for your product. It may be because it is an old order or product version. Please would you turn it on so I can post it and feel free to post it with my name on your site.

Regards

Richard Sletcher

If you have not yet used the InteractiveWebs email module you don’t know what you are missing. It is spectacular. The system is vast and would require a manual to list all the super cool features but let me give you some of my highlights.

  1. The user interface is clean and extremely user friendly.
  2. You are able to send SMS and email
  3. The inclusion of MyTokens allows you to personalize at a whole new level. Let me rave for a moment…

Imagine you have a list of restaurant clients containing FirstName, LastName, BirthDay, FoodPreference. You could send out an email like this…

Dear [MyToken:FirstName]

Your birthday is coming up in [MyToken:DaysToBirthday] and we would like to help you celebrate by offering you a 20% on [MyToken:MealPreference]. 

Regards

Richard

… Get the idea?

The best part is that you can automate the entire process. You simply build a list of all people having a birthday in 5 days time and then tell the email to run every day. Each day the system builds a list of people with upcoming birthdays and sends an email or SMS all driven from your internal data. 

  1. You can schedule the emails to run in intervals as small as a seconds apart and as large as a years apart.
  2. And the best of all… The InteractiveWebs team is totally on the ball when it comes to support.

OK… ENOUGH! 

This is a killer module and I recommend that you take the time to try it out.

Richard – one seriously happy InteractiveWebs customer!