服务器 Gind.cn
  1. 服务器 Gind.cn
  3. Dynamics CRM:Get-Crm设置SSL / TLS错误
Intereting Posts
Cisco路由器上的IP表的ACL规则规则 用于定义文件夹权限和监控偏差的规则的软件 PSEXEC使用存在两台服务器的本地帐户进行访问 Windows Server 2012 r2标准激活问题 – MAK许可证 Supermicro服务器SC733T Super Doctor 5,RAID硬盘状态 用于SSL证书跟踪/请求/生成的简单CA Web界面 群集未知应用程序的群集/负载平衡 如何隐藏FTP用户被监禁到用户家中的文件夹 MSterminal服务器/防火墙用法查询 寻找灵活的防火墙/ NAT软件来模仿SOHO网关 OPENVPN路由所有stream量 – Synology 如何解决导致Segmenation故障的PHP脚本? 从7.0升级到8.5后,IIS性能降低 configurationiptables以允许ddcp和SCTP 努力与Linux权限(再次)

Dynamics CRM:Get-Crm设置SSL / TLS错误

尝试在我们的某个服务器上启用跟踪时出现错误。

使用的命令: 

Add-PSSnapin Microsoft.Crm.PowerShell Get-CrmSetting TraceSettings

错误: 

 Get-CrmSetting : The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. At line:1 char:1 + Get-CrmSetting TraceSettings + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidArgument: (Microsoft.Crm.P...rmSettingCmdlet:GetCrmSettingCmdlet) [Get- CrmSetting], WebException + FullyQualifiedErrorId : CRM Deployment Cmdlet Error,Microsoft.Crm.PowerShell.GetCrmSettingCmdlet

这是一个多服务器环境,Web和应用程序是分开的。

该错误表示在您尝试连接的端点上使用的证书是不受信任的证书。

我build议确保在端点上使用有效和可信的证书。

但是,如果这是不可能的,你可以设置PowerShell允许每个会话使用此function一次不受信任的证书。

但是请注意,运行此函数将禁用PowerShell通常会执行的所有证书检查,并且重置此操作的唯一方法是closures并重新打开PowerShell。 

 function Disable-SSLValidation { <# .SYNOPSIS Disables SSL certificate validation .DESCRIPTION Disable-SSLValidation disables SSL certificate validation by using reflection to implement the System.Net.ICertificatePolicy class. Author: Matthew Graeber (@mattifestation) License: BSD 3-Clause .NOTES Reflection is ideal in situations when a script executes in an environment in which you cannot call csc.ese to compile source code. If compiling code is an option, then implementing System.Net.ICertificatePolicy in C# and Add-Type is trivial. .LINK http://www.exploit-monday.com #> Set-StrictMode -Version 2 # You have already run this function if ([System.Net.ServicePointManager]::CertificatePolicy.ToString() -eq 'IgnoreCerts') { Return } $Domain = [AppDomain]::CurrentDomain $DynAssembly = New-Object System.Reflection.AssemblyName('IgnoreCerts') $AssemblyBuilder = $Domain.DefineDynamicAssembly($DynAssembly, [System.Reflection.Emit.AssemblyBuilderAccess]::Run) $ModuleBuilder = $AssemblyBuilder.DefineDynamicModule('IgnoreCerts', $false) $TypeBuilder = $ModuleBuilder.DefineType('IgnoreCerts', 'AutoLayout, AnsiClass, Class, Public, BeforeFieldInit', [System.Object], [System.Net.ICertificatePolicy]) $TypeBuilder.DefineDefaultConstructor('PrivateScope, Public, HideBySig, SpecialName, RTSpecialName') | Out-Null $MethodInfo = [System.Net.ICertificatePolicy].GetMethod('CheckValidationResult') $MethodBuilder = $TypeBuilder.DefineMethod($MethodInfo.Name, 'PrivateScope, Public, Virtual, HideBySig, VtableLayoutMask', $MethodInfo.CallingConvention, $MethodInfo.ReturnType, ([Type[]] ($MethodInfo.GetParameters() | % {$_.ParameterType}))) $ILGen = $MethodBuilder.GetILGenerator() $ILGen.Emit([Reflection.Emit.Opcodes]::Ldc_I4_1) $ILGen.Emit([Reflection.Emit.Opcodes]::Ret) $TypeBuilder.CreateType() | Out-Null # Disable SSL certificate validation [System.Net.ServicePointManager]::CertificatePolicy = New-Object IgnoreCerts }

特别感谢Matt Graeber编写代码。