Wednesday, December 2, 2015

Microsoft BizTalk Adapter Service Setup Wizard Ended Prematurely


Azure BizTalk Services SDK installation was interrupted, during the installation of last component(Runtime Component) i.e., BizTalk Adapter Service



Clicked on the log file to see the actual reason for failure.


As can be seen in image below nothing significant was there


Why it happened:


So why it happened? to find it had a look at Event Viewer --> Windows Logs--> System  and there it was "The SSL server credential's certificate does not have a private key information property attached to it"



The error says that the certificate provided does not have private key associated with it. It makes sense, I had provided the self signed certificate which was downloaded after provisioning the BizTalk service and it has only public key associated with it.


What to do:

We need to provide certificate with private key as it will be used while creating the web site on the machine where you are running this setup.

We can create a self signed certificate for which we have private key, to create it ,open Developer Command Prompt for VS2012 and with help of makecert  we create a self signed certificate 

makecert -pe -r -n "CN=demo" -e "12/01/2019" -sr LocalMachine -ss root


-pe : Marks the generated private key as exportable
-r : Creates a self-signed certificate.
-e : Specifies the end of the validity period
-sr : Specifies the subject's certificate store location. location can be either currentuser (the default) or localmachine
-ss: Specifies the subject's certificate store name that stores the output certificate

You can see the certificate created under Trusted Root Certification Authorities of the Local Computer certificate store

And using certutil we export the private key of the above created certificate from certificate store

certutil -exportPFX -p "demopassword" root demo demo.pfx



After we are done with export, we need to provide this to IIS server as when we install the Runtime an on-premise web service running in IIS is installed and this  BAS web service needs to be secured and for that we need a self-signed certificate for which we have a private key. To provide IIS the certificate, open IIS manager, navigate to Server Certificate

 
Right-click on the screen and select Import. Click on the ellipsis (...) on the Import Certificate Window, select the private key (.pfx file) we exported in the previous step



and enter the password (the one provided while exporting) and leave the default values as it is

 

You can see the certificate added in Server Certificates




and Personal store as well





Allright, so next is to rerun the installation of Runtime component, this time I selected the above created certificate (demo) instead of the certificate downloaded from portal while provisioning BizTalk Service on portal(testbizserv1.biztalk.windows.net)
Port left as default 8080



And the installation was successful







 

2 comments:

  1. Life saver! Thanks!

    ReplyDelete
  2. Since the admin of this site is working, no question very
    soon it will be renowned, due to its quality contents.

    ReplyDelete