cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Go to solution

Microsoft Lifecycle Services and SSL

We have a Windows VM running in Azure. The VM has our solution in D365 Supply Chain Management, where we use GoDaddy SSL certificate. We used to activate our solution by installing a deployable package with license keys through Microsoft Lifecycle Services. This way has stopped working some time ago. We can still install the licence keys directly in the VM, so the licence keys are 100% correct. Microsoft is aware about the issue and suggest to install the 'GoDaddy Certificate Bundles - G2' into the VM prior the installing the licence keys. The problem is that we do not have access to customers' VMs (e.g. production environments), where the solution should be activated. Therefore, we cannot install the certificate bundles or anything in there.
Is it known issue? Any advice?

Thank you

1 ACCEPTED SOLUTION
Resolver III

Hi,

 

There is no easy way and you have basically 3-4 options:

  1. ask your customers to install new certificates
  2. If the domain names for your customers are subdomains of your registered domain, you can set up a public CDN (Azure CDN, CloudFlare, Fastly, ...) to provide HTTPS (you can extend this to customers' domains by instructing them to add a CNAME record to their DNS).
  3. change your deployable package to use a web proxy / load balancer / CDN. You can then install certificates on the web proxy so that customers get HTTPS provided by the web proxy.
  4. change your deployable package to include an agent that willl help you request new certificates and install them.

Dan

———

I've worked around (not only) SSL security for over 20 years in enterprises and startups. 

I am now running an HTTPS expiry management service KeyChest.net

View solution in original post

1 REPLY 1
Resolver III

Hi,

 

There is no easy way and you have basically 3-4 options:

  1. ask your customers to install new certificates
  2. If the domain names for your customers are subdomains of your registered domain, you can set up a public CDN (Azure CDN, CloudFlare, Fastly, ...) to provide HTTPS (you can extend this to customers' domains by instructing them to add a CNAME record to their DNS).
  3. change your deployable package to use a web proxy / load balancer / CDN. You can then install certificates on the web proxy so that customers get HTTPS provided by the web proxy.
  4. change your deployable package to include an agent that willl help you request new certificates and install them.

Dan

———

I've worked around (not only) SSL security for over 20 years in enterprises and startups. 

I am now running an HTTPS expiry management service KeyChest.net

View solution in original post