none
Unable to connect to the remote server via RosettaNet 3.3 on BTS 2006 RRS feed

  • Question

  • I am encountering the following error message when the HTTP adapter attempts to send out receipt acknowledgements from RosettaNet:  "Unable to connect to the reomte server".

     

    I suspect the certificate may be causing the connectivity issue, as I get the following error when I attempt to access the URL via a web browser:

     

      'The name on the security certificate is invalid or does not match the name of the site'

     

    The certificates have been successfully installed to the 'Trusted Root Certification Authorities' and 'Other People' folders. Do the certs need to be installed to another location? Is there a way to configure the server to trust the cert through the BizTalk Accelerator for RosettaNet 3.3 Management Console despite the mismatch name? 

     

    Thanks.

     

    Wednesday, July 23, 2008 4:10 PM

Answers

  • A sneaky way to get a mismatched certificate to work (as long as it is on a domain you manage) is to add a DNS entry that resolves for the domain name on the certificate. You could have it resolve to the same place as you are using right now.

     

    Also, based on the host you are using for the HTTP adapter, you will need to add the certificate to the Personal folder of the app host account. If you are using the Isolated Host user account for the app pool of the site which runs your HTTP adapter, you will also need to logon and load the certificate on that account too. Here is a blog post I wrote about avoiding some of the pitfalls of certificate configuration for BizTalk: http://msinnovations.spaces.live.com/blog/cns!62E68922E47BC425!229.entry. This post does not talk about DNS configuration, but it does mention some tips on the certificate configuration for BizTalk.

     

    Thanks,

     

    Thursday, July 24, 2008 4:09 PM
    Moderator

All replies

  • A sneaky way to get a mismatched certificate to work (as long as it is on a domain you manage) is to add a DNS entry that resolves for the domain name on the certificate. You could have it resolve to the same place as you are using right now.

     

    Also, based on the host you are using for the HTTP adapter, you will need to add the certificate to the Personal folder of the app host account. If you are using the Isolated Host user account for the app pool of the site which runs your HTTP adapter, you will also need to logon and load the certificate on that account too. Here is a blog post I wrote about avoiding some of the pitfalls of certificate configuration for BizTalk: http://msinnovations.spaces.live.com/blog/cns!62E68922E47BC425!229.entry. This post does not talk about DNS configuration, but it does mention some tips on the certificate configuration for BizTalk.

     

    Thanks,

     

    Thursday, July 24, 2008 4:09 PM
    Moderator
  • Thanks for the response. Unfortunately, the domain is outside my control as the certificate was issued by an external trading partner. For grins, I have tried adding the DNS entry to the hosts file, but I still cannot connect to the remote server.
    Monday, July 28, 2008 3:48 PM
  •  

    Guettva,

    were you able to resolve this issue, i am facing the exact same issue as the one you have mentioned.I am using a similar environment as you are.There has to be some way of making biztalk accept the certificate even though there is the mismatch in the name.Please let me know if there is a solution.

     

    Thanks

    B

    Thursday, August 28, 2008 5:56 PM
  • Hi B,

    I was able to resolve the issue by adding an entry to the DNS host file as previously suggested and by getting the infrastructure team to resolve an underlying firewall issue.

    Hope this helps.
    Thursday, August 28, 2008 6:04 PM