Wednesday, December 2, 2015

Microsoft BizTalk Adapter Service Setup Wizard Ended Prematurely

Azure BizTalk Services SDK installation was interrupted, during the installation of last component(Runtime Component) i.e., BizTalk Adapter Service

 
 
Clicked on the log file to see the actual reason for failure.
 
 
As can be seen in image below nothing significant was there
 
 

Why it happened:

 
So why it happened? to find it had a look at Event Viewer --> Windows Logs--> System  and there it was "The SSL server credential's certificate does not have a private key information property attached to it"
 
 
 
The error says that the certificate provided does not have private key associated with it. It makes sense, I had provided the self signed certificate which was downloaded after provisioning the BizTalk service and it has only public key associated with it.
 
 

What to do:

We need to provide certificate with private key as it will be used while creating the web site on the machine where you are running this setup.
 
We can create a self signed certificate for which we have private key, to create it ,open Developer Command Prompt for VS2012 and with help of makecert  we create a self signed certificate 
 
makecert -pe -r -n "CN=demo" -e "12/01/2019" -sr LocalMachine -ss root

 
-pe : Marks the generated private key as exportable
-r : Creates a self-signed certificate.
-e : Specifies the end of the validity period
-sr : Specifies the subject's certificate store location. location can be either currentuser (the default) or localmachine
-ss: Specifies the subject's certificate store name that stores the output certificate

You can see the certificate created under Trusted Root Certification Authorities of the Local Computer certificate store

 
And using certutil we export the private key of the above created certificate from certificate store

certutil -exportPFX -p "demopassword" root demo demo.pfx
 

 
 
 

After we are done with export, we need to provide this to IIS server as when we install the Runtime an on-premise web service running in IIS is installed and this  BAS web service needs to be secured and for that we need a self-signed certificate for which we have a private key. To provide IIS the certificate, open IIS manager, navigate to Server Certificate
 
 
 
Right-click on the screen and select Import. Click on the ellipsis (...) on the Import Certificate Window, select the private key (.pfx file) we exported in the previous step
 

 
and enter the password (the one provided while exporting) and leave the default values as it is
 
 

You can see the certificate added in Server Certificates

 

 
and Personal store as well


 

 
Allright, so next is to rerun the installation of Runtime component, this time I selected the above created certificate (demo) instead of the certificate downloaded from portal while provisioning BizTalk Service on portal(testbizserv1.biztalk.windows.net)
 
 
Port left as default 8080
 



And the installation was successful


 

 

 
 

1 comment: