Microsoft CRM IFD SSL Certificate Renewal

Following on from our very popular IFD configuration for Microsoft CRM.

http://www.interactivewebs.com/blog/index.php/server-tips/microsoft-crm-2011-how-to-configure-ifd-hosted-setup/

The time will come around where you need to renew the SSL certificate for your CRM IFD configuration.

This will include the renewal of the SSL certificate as used by IIS and and ADFS. Couple of steps we followed based exactly on the configuration outlined in our above linked blog post.

Generate a new SSL Request.

1. Open IIS Manager and click on server certificates.

image

2. Create certificate request

image

3. Fill in the data:

image Next

4. Change to 2048 Bit

image

5. Give it a name:

image

Finish and you are done.

Now Open the certificate text file and copy the text to your clip board, or use this with your certificate authority to issue you a new Wild Card Certificate. *.interactivewebs.com is what we use.

To get the certificate we use a service called “startssl.com” who allow you to issue certificates like this for 2 years for free once you are validated as a user.

Complete the Certificate Request

Once the new certificate has been issued to you you need to complete the request on IIS.

1. In IIS Manager click on Complete Certificate Request

image

2. Browse to the certificate from your issuer provider and give it a friendly name. We like to use a year in the name to help distinguish from the old one.

image

Finish the import.

Change the certificate used by IIS

1. Expand the two sites on the CRM server and click on Default Website first then Bindings / https

image

Then EDIT

2. Select the new certificate that you just imported and click on OK

image

3. Repeat this process fro the Microsoft Dynamics CRM website

image

selecting the new certificate here and OK.

4. Restart IIS

Set Permissions on SSL Certificate

1.  Click Start, and then click Run.
2.  Type MMC.
3.  On the File menu, click  Add/Remove Snap-in.
4.  In the Available snap-ins list, select Certificates, and then click Add. The Certificates Snap-in Wizard starts.
5.  Select Computer account, and then click Next.
6.  Select Local computer: (the computer this console is running on), and then click Finish.
7.  Click OK.
8.  Expand Console Root\Certificates (Local Computer)\Personal\Certificates.
9.  Right-click Certificates, click All Tasks, and then click Import.

Step 2: Add to the ADFS service account the permissions to access the private key of the new certificate. To do this, follow these steps:

1.  With the local computer certificate store still open, select the certificate that was just imported.
2.  Right-click the certificate, click All Tasks, and then  click Manage Private Keys.
3.  Add the account that is running the ADFS Service, and then give the account at least read permissions. (for us this is the Network Service)

Run the Deployment Manager with new Certificate

1. Run the CRM deployment manager:

image

2. Run the Configure Claims-based Authentication

image

Select the default settings.

image

image

Which should be the default from your IFD setup

But when you get to the Certificate, you need to select the new certificate.

image

image

Which should be visible from the list after importing it in the steps above.

3. Run the Configure Internet Facing Deployment action and just step though it with the default settings.

image

4. Restart the AD FS 2.0 Windows Service

image

Configure AD

Set the Service Communication Certificate

1. Start AD FS 2.0 Management

image

2. Expand certificates and select Set Service Communications Certificate

image

3. Select the new certificate that will be listed here.

image

Update Relying Party Trusts

1. From the AD FS 2.0 Management, Select your replying party trusts and update from the federation metadata one by one.

image

Update both listed. They will likely have a red cross before you do this.

Restart Services

Restart AD FS Service:

image

and restart IIS the usual way.

And you should be done. Login to your CRM IFD again and enjoy.

Please feel free to link to / reference this blog. Comments welcome below.

Font Icons Not Displaying in Internet Explorer IE 9 / 10

With the Bulk Emailer application we have used font icons to improve response and scalability with different devices. So far we have been happy with how they work using some boot strap code that is used for our user interface.

What we have noticed, and it’s no big surprise… Internet Explorer 9 and IE 10 will not display font icons correct.

What you should see is this:

image

But ends up rendering like this:

image

The Problem is WOFF Fonts on IIS

For IIS 6 and later, they do not handle WOFF fonts as icons for Internet Explorer. Most other browsers will support them, however IE like usual will behave like a black sheep.

There appears to be two solutions to this problem.

Solution 1 – Adding a MIME type to Internet Information Server IIS

Add the following MIME type to the IIS server settings.

  • .woff application/x-woff
    1. Open IIS Manager and navigate to the level you want to manage. For information about opening IIS Manager, see Open IIS Manager (IIS 7). For information about navigating to locations in the UI, see Navigation in IIS Manager (IIS 7).

    2. In Features View, double-click MIME Types.

    3. In the Actions pane, click Add.

    4. In the Add MIME Type dialog box, type a file name extension in the File name extension text box. For example, type .xyz.

    5. Type a MIME type in the MIME type text box. For example, type application/octet-stream.

    6. Click OK.

image

Solution 2 – Adding some code to the web.config

A lot of people don’t have access to configure IIS in DotNetNuke, so you can add the following to the web.config.

Under the yellow below add the green lines

<system.webServer>
    <staticContent>

       <mimeMap fileExtension=”.woff” mimeType=”application/x-font-woff” />
    </staticContent>
  </system.webServer>

This should get you out of trouble.

XML Sitemap Generator for WordPress There was a problem writing your sitemap file IIS Fix

If you are hosted on IIS for your wordpress site, you will notice that when you go to your XMP Sitemap Generator for WordPress, you notice a problem reported:

There was a problem writing your sitemap file. Make sure the file exists and is writable.

There was a problem writing your zipped sitemap file. Make sure the file exists and is writable.

In Red.

This is telling you that the auto update process for the XML Sitemap Generator for WordPress plugin has failed to create the files needed. If you click on the Rebuild the sitemap link it will manually rebuild.

The Fix

Easy one. On IIS servers, all paths for files require a \ (backslash) where the auto detected path will put a / (forward slash) after the end of the true path and before the sitemap.xml file.

image

Just update it in the Custom Location to the correct \ and save the changes. This will address the problem.

image

Bulk Emailer–Customer Review

image

I wanted to place this review on the DNN store but there is no review button in my download page for your product. It may be because it is an old order or product version. Please would you turn it on so I can post it and feel free to post it with my name on your site.

Regards

Richard Sletcher

If you have not yet used the InteractiveWebs email module you don’t know what you are missing. It is spectacular. The system is vast and would require a manual to list all the super cool features but let me give you some of my highlights.

  1. The user interface is clean and extremely user friendly.
  2. You are able to send SMS and email
  3. The inclusion of MyTokens allows you to personalize at a whole new level. Let me rave for a moment…

Imagine you have a list of restaurant clients containing FirstName, LastName, BirthDay, FoodPreference. You could send out an email like this…

Dear [MyToken:FirstName]

Your birthday is coming up in [MyToken:DaysToBirthday] and we would like to help you celebrate by offering you a 20% on [MyToken:MealPreference]. 

Regards

Richard

… Get the idea?

The best part is that you can automate the entire process. You simply build a list of all people having a birthday in 5 days time and then tell the email to run every day. Each day the system builds a list of people with upcoming birthdays and sends an email or SMS all driven from your internal data. 

  1. You can schedule the emails to run in intervals as small as a seconds apart and as large as a years apart.
  2. And the best of all… The InteractiveWebs team is totally on the ball when it comes to support.

OK… ENOUGH! 

This is a killer module and I recommend that you take the time to try it out.

Richard – one seriously happy InteractiveWebs customer!

DotNetNuke can’t upgrade as Host Login does not work

DotNetNuke Upgrade Fails. Cannot login with Host.

If you are trying to upgrade your DotNetNuke site and found that you are presented with the Welcome to the DotNetNuke Upgrade Page, but can’t login with your Host (SuperUser) account.

image

DotNetNuke Upgrade – Version 06.02.07

Current Version – 06.02.05

Welcome to the DotNetNuke Upgrade Page.

The first step is to choose the language you wish to use for the Upgrade.

You are about to upgrade your website to a more recent version of the DotNetNuke application. Applying upgrades on a consistent basis is the best way to ensure that you are protecting the integrity of your investment and the security of your users and assets. Before proceeding with the automated upgrade process please ensure that:

  • you have made plans to first attempt this process in a staging environment
  • you have documented your current installation characteristics including doing research on the compatibility of any third party modules which you may be using
  • you have created the necessary backups of your environment so that you will be able to restore your website in the event of an unexpected upgrade failure.

Solution

Just simply close your browsers, or better yet, grab a browser that you have not accessed for some time. Then try hitting your URL and loggin in with the new browser session. While I did not bother to work out what the cache issue was, I did find it was cache related to an open browser session that was trying to authenticate to a previous session.

Easy when you know how~!

.zip files from Mac OS show up as green/encrypted

Green files and folders on Windows 7 indicate they are encrypted.

Usually this is a function of a program that will make these files encrypted for a reason. Security is usually the reason. But…

An interesting little bug in the process of creating a .zip file on a mac and moving it over to a Windows computer.

When a .zip file is created according to standards for .zip files found here:

http://www.pkware.com/documents/casestudies/APPNOTE.TXT

They specify that .zip archives include a tag informing about itself to the program trying to decompress the archive. This tag information is known as the “version made by” and as the name suggest, it would tag information about the program version of .zip and the files system in use.

 0 - MS-DOS and OS/2 (FAT / VFAT / FAT32 file systems)
          1 - Amiga                     2 - OpenVMS
          3 - UNIX                      4 - VM/CMS
          5 - Atari ST                  6 - OS/2 H.P.F.S.
          7 - Macintosh                 8 - Z-System
          9 - CP/M                     10 - Windows NTFS
         11 - MVS (OS/390 - Z/OS)      12 - VSE
         13 - Acorn Risc               14 - VFAT
         15 - alternate MVS            16 - BeOS
         17 - Tandem                   18 - OS/400
         19 - OS/X (Darwin)            20 thru 255 - unused

When the Mac system encrypts the files, it marks them with the attribute of being UNIX based files. Correct considering the Mac operating system is based on UNIX.

The problem arises at the Windows end. Because Windows is created by the most arrogant computer company in the world, it does not recognise that a .zip file could have been created with a computer that is not running Windows. It fails to correctly see the flag as UNIX and marks the files as Encrypted.

Leaving Files Encrypted

If the files are left as encrypted, you may find that there are problems if the files are shred on a network drive etc. Taking ownership will not change this flag, and resetting permissions does nothing.

The Easy Fix – Remove Encrypted Tag

Removing the incorrect Encrypted Flag on a green file in Windows 7, or Windows Server is really easy. Right click the file or files (holding the shift key to select multiple folders and files) then Click: Properties / Advanced / Un-tick the Encrypted Option

 

That’s about it. All fixed.

Internet Explorer will not display some JPG Red X

A jpg image opens in Firefox but not Internet Explorer

Question

A jpg image opens in Firefox but not Internet Explorer.

Answer

Microsoft Internet Explorer 8.0 dropped support for jpeg images saved as CMYK and now only supports images saved in RGB mode. Below is an example and easy way to verify this issue. In the below example, we have two images; one saved in CMYK and the other saved as RGB.

CYMK Image
CYMK example image
RGB Image
RGB example image

If this issue exists, the CMYK image will appear as a red X or broken image in Internet Explorer. However, opening this page in Chrome or Firefox should show both images. If both images are visible to Internet Explorer, this is not the issue with your version of Internet Explorer.

Out suggestion would be to use just about any other browser that IE 8. Update to Chrome or Firefox and use that browser.

Setting Up WordPress on Amazon EC2

Last evening I signed up for Amazon Web Services (AWS) free usage tier to test the features and available services. Another reason was to use Amazon Simple Storage Service (Amazon S3) for storing my site’s backups.

The services are available at fairly reasonable price. Especially, if you are using S3 then you are making a very good deal.

Since, the free usage tier comes with 750 free hours of Amazon EC2 for each month for a year I thought of giving it a try and running WordPress.

Here is a step-by-step guide to setting up and running WordPress on Amazon EC2.

Sign up / Log in to your AWS Account:

If you do not have an AWS account then you can signup for the free usage tier and login to your account.

Setting up our server:

After you have logged in to AWS account, click “My Account / Console”  in top right corner of the screen and then click on “AWS Management Console”. You will be presented with something like this :

Click on “EC2″ link and you will be taken to the EC2 Dashboard. Click on “Launch Instance” button to create a new instance. Follow the “Classic Wizard” as shown below :

classic-wizard

Click “Continue” and on the next screen select “Ubuntu Server 12.04.1 LTS”

Quick-StartOn the next screen, you can proceed with the default settings. Make sure that “Instance Type” is set to “Micro” because that comes free with AWS Free Usage Tier. Click “Continue”

Instance-DetailsClick “Continue” on the next screen :

Instance-Details-1Again, click continue on the next screen.

After that you can add a “Name” for your instance for better organization. I have named it as “WordPress”.

Add-TagNow, you need to create a “Key Pair” so that you can connect easily with your server via SSH. Give an easy to remember name to your key pair and download the file. Keep the file in a place that you can remember. As you will need this file to connect with your server.

key-pairNext step is to configure the Firewall and make sure that only required ports are open for our server. Create a new security group. I have named it as “WP”. Now, click the dropdown for “Create a new rule” select SSH and click “Add Rule”. Repeat it for HTTP.

security-group

And we are done, setting up our instance. Click “Launch”.

launch-server

Go to “Instances” page and you will see your new server being initialized and in some time it will be up and running. But, it’s not yet ready to run a WordPress site.

We need to setup the essential services to run WP : Apache, PHP and MySQL.

Connect via Terminal

Select the instance which we created above and click “Instance Actions”, in the pop-up menu click on “Connect”

connect-terminal

Here you will need to enter the path of key file that you saved to your computer while creating the instance. Once that’s done you can click “Launch SSH Client”. If you wish you can also store key location in browser cache so that you won’t need to re-enter it every time you connect.

launch-ssh-client

Setting up Apache :

Now, we are connected to our server. Next step is to setup Apache. By default, you will be logged in as user : ubuntu. Let’s switch the user to “root” so that we can get complete access. Use the following command to do so:

sudo su

view rawSwitch to Root userThis Gist brought to you by GitHub.

Use the following command in terminal to install Apache on your server:

sudo apt-get update

sudo apt-get upgrade

apt-get install apache2

view rawInstall ApacheThis Gist brought to you by GitHub.

After the installation is complete, look for Public DNS of your instance as shown below:

public-dns

Copy this Public DNS and paste it in browser’s address bar. You will see a test page for Apache like below :

apache-test-page

Installing PHP5

Our Apache is working and now we will install PHP5. For installing PHP5 use following commands in your terminal:

12345

apt-get install php5

 

apt-get install libapache2-mod-php5

 

/etc/init.d/apache2 restart

view rawInstall PHP5This Gist brought to you by GitHub.

Note: If your PHP installation fails with a message such as “Unable to fetch some archives…” then run the following command and repeat the above process:

apt-get update

Now, your web files placed in /var/www/ can be accessed in the browser via Public DNS.

Let’s create a test PHP file to make sure that we have PHP running properly. Use the following command to do so :

123

cd /var/www/

 

vi mytest.php

view rawPHP InfoThis Gist brought to you by GitHub.

This will create a new PHP file and open editor. Follow the following steps to add content to file :

  1. Press i to switch to insert mode.
  2. Type <?php phpinfo() ?>
  3. Hit escape key
  4. Type :wq to write the contents to file and quit the editor.

php-info

After creating the file run the file in your browser using the address as your-public-dns/mytest.php and it will show a page like below :

php-test

Now that PHP is running perfectly on our Apache. We need MySQL for creating database.

Install MySQL

Process for installing MySQL is similar to the process we followed for installing PHP. Use the following command in terminal to install MySQL :

1

apt-get install mysql-server

view rawInstall MySQL serverThis Gist brought to you by GitHub.

During installation process you will be asked to create a password for “root” user. Keep this password safe in your memory or computer because this will be required to access the database later on.

mysql-password

Since we need to run PHP5 with MySQL, we will also install PHP module for MySQL using the following command

123

apt-get install php5-mysql

 

apt-get install libapache2-mod-auth-mysql

view rawPHP5 MySQLThis Gist brought to you by GitHub.

After this we can create database and continue with setting up WordPress. But, it will be nice to setup phpMyAdmin visual interface. So, let’s go ahead with it.

Installing phpMyAdmin

Use the following command to install phpMyAdmin and make sure you configure it for “Apache2″ web server :

1

apt-get install phpmyadmin

view rawphpMyAdminThis Gist brought to you by GitHub.

php-myadmin-setup

Follow the instructions on screen and remember the password that you enter in each field. After the installation of phpMyAdmin is complete we need to configure our Apache to make phpMyAdmin accessible via browser.

Use the following command for configuring Apache:

123

ln -s /etc/phpmyadmin/apache.conf /etc/apache2/conf.d/phpmyadmin.conf

 

/etc/init.d/apache2 reload

view rawConfigure ApacheThis Gist brought to you by GitHub.

We restart the apache web server so that it picks up our changes.

That’s all done. Now, you can access phpMyAdmin in browser via your-public-dns/phpmyadmin

Enter username : root and the password which you created while installing MySQL.

php-myadmin

Login to the admin and create a new database that we will use later for installing WordPress.

Now, we have all essential elements on our virtual server for running WordPress and everything is working perfectly. So, let’s install WordPress.

Downloading WordPresss

First  we will navigate to the home directory of our server and then download the latest copy of WordPress and extract it to /var/www directory by using the following command :

123

cd

wget http://wordpress.org/latest.tar.gz

tar -xzvf latest.tar.gz -C /var/www

view rawDownload WPThis Gist brought to you by GitHub.

By default, all the files will be extracted in a directory “wordpress” so your files are at /var/www/wordpress/ to move the files to root of web server and then remove the “wordpress” directory we will use:

123

cp -avr /var/www/wordpress/* /var/www

 

rm -rf /var/www/wordpress

view rawmove WP to rootThis Gist brought to you by GitHub.

Before we install WordPress we need to map our domain name with the virtual server so that the site is accessible easily.

Mapping Domain Name :

Now we have everything ready in place and all we need to do is map our domain with our virtual server. For this you will have to associate an IP with the instance and map the domain name to that IP.

Head back to EC2 console and click “Elastic IPs” in the left pane. Click “Allocate New Address”

allocate-elastic-ip

Now, you will see a new IP address in the console. Click “Associate Address” to associate this IP with your instance.

associate-ip

Now, switch to back to “Instances” panel and you can check the attachment status.

elastic-ip

You will need to connect to your server by IP address now. Your hostname (public DNS) will no longer work, and if you detach the IP, your instance will be assigned a different hostname (public DNS). So, it’s best to not to change IP or detach it.

You can map your domain name to this elastic IP and it will work perfectly.

For now, I am using IP to access and setup the site. I entered elastic IP in address bar followed by /index.php and it came up with WordPress installation page.

create-wp-config

That’s all! Now, you can use follow the steps of WordPress installation, enter required details and setup the site.

Oh but wait! I came up with this :

cant-create-wp-config

This is because our current apache user doesn’t have rights to write to the file. To fix this error we will grant access rights to our current apache user. First connect to the server via terminal as we did in the beginning and then execute following commands :

12

sudo chown -R www-data /var/www

sudo chmod -R 755 www-data /var/www

view rawFile permissionsThis Gist brought to you by GitHub.

Here, www-datais the default apache user.

There is another issue left to be fixed. That is use of htaccess file and Pretty Permalinks in WordPrses. We will enable use of htaccess file and then enable the rewrite engine for Pretty Permalinks.

Enable htaccess and URL Rewrite

To make .htaccess files work as expected, you need to edit default apache file :

1

sudo vim /etc/apache2/sites-available/default

view rawEdit Apache default fileThis Gist brought to you by GitHub.

Look for :

123456

<Directory /var/www/>

Options Indexes FollowSymLinks MultiViews

AllowOverride None

Order allow,deny

allow from all

</Directory>

view rawApache DefaultThis Gist brought to you by GitHub.

Press i to enable insert mode and replace AllowOverride None to AllowOverride All. Now hit escape key and type :wq to write the changes to file and exit the editor.

htaccess-file

Restart the apache web server for changes to take effect.

1

sudo /etc/init.d/apache2 restart

view rawRestart ApacheThis Gist brought to you by GitHub.

Continue with WP installation

Finally! You are all set to run WordPress site on Amazon EC2. Proceed with the installation process and it will work.

Like I have it here:

Amazon-EC2-WordPress-Site

Here comes the end to my tutorial. I am not a server administrator or a linux expert. This was a result of my hit-and-trial experiments. So, if you have any suggestions for improvement then please feel free to share your comments.

Changing SMTP Port 25 to a non blocked port

How to Change Port 25 in your email client

Sometime your ISP will block port 25 and prevent you from sending SMTP email on that port. Your email service provider may ask you to change the port being used to something other than port 25.

 

Most email programs have configuration settings like this:

image

Where on the Advanced Tab or similar depending on the email program in question there are settings for the outgoing SMTP server.

To change the SMTP port from 25 to 587 for example you just replace this:

image

Click OK and you are done.

Note:

It should be noted that the port number to use must be provided to you by your Email ISP.