Sign in
Microsoft.com
 
Microsoft
 
 
 

locked
CRM 2011 - New server/front end installation with current back end; Multiple servers with IFD and Claims-based Authencation RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    We have a test CRM server which is currently set up successfully for claims-based authentication and internet-facing deployment (IFD).  We are trying to set up our Production environment on a new CRM server and to point to all the existing instances of SQL, Report server, etc.  However, during setup, we receive this error:

    "the encryption certificate cannot be accessed by the crm service account..."

    http://social.microsoft.com/Forums/hr-HR/crmdeployment/thread/b6937647-c01b-4803-ab84-25b9bf228dbd

    Does anyone know how to help with this error?  Also, why isn't there documentation for setting up multiple CRM servers in the Implementation Guide?  Can anyone direct me to a site/documentation which can help?  Thanks

    Thursday, February 28, 2013 7:49 PM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote

    The service account (the account of the application pool I think) needs read permissions on the private key of the certificate you use.

    Start a console (mmc) and load the certificate snap in.
    Go to your certificate, right click it and select 'All Tasks' => 'Manage private keys'.
    Give the service account read privilege
    run IISRESET


    Friday, March 1, 2013 7:55 AM