Which config variable or SIF pre-requisite relates to a CRYPT_E_NOT_FOUND error during Sitecore 9 Install using SIF?

1

I'm using SIF 1.2.0 (with Sitecore Fundamentals 1.1.0) and the Sitecore 9 install is failing on the CreateBindingsWithDevelopmentThumbprint : AddWebFeatureSSL.

from the log:

[------------------ CreateBindingsWithDevelopmentThumprint : AddWebFeatureSSL ----------------------------------------]

VERBOSE: Resolving ConfigFunction extension 'joinpath'

VERBOSE: Resolved 'Invoke-JoinPathConfigFunction'

VERBOSE: Invoke-JoinPathConfigFunction

VERBOSE: Joining: C:\inetpub\wwwroot\siteName\App_Data

VERBOSE: Result: C:\inetpub\wwwroot\siteName\App_Data

VERBOSE: Performing the operation "Add-WebFeatureSSL" on target "siteName".

VERBOSE: Test-WebFeatureSSL: Failed to locate certificate for DnsName siteName in Cert:\LocalMachine\My

VERBOSE: Searching certificates in Cert:\LocalMachine\Root for Name DO_NOT_TRUST_SitecoreFundamentalsRoot

VERBOSE: Success, found certificate for Name DO_NOT_TRUST_SitecoreFundamentalsRoot (thumbprint: 2288AA499893E9F947EA9137A680F809808E1710)

VERBOSE: Add-WebFeatureSSL: Found existing certificate for 'DO_NOT_TRUST_SitecoreFundamentalsRoot' in Cert:\LocalMachine\Root, skipping

VERBOSE: Add-WebFeatureSSL: Creating signed certificate

VERBOSE: Searching certificates in Cert:\LocalMachine\My for Name siteName

VERBOSE: Failed to find certificate with Name siteName

VERBOSE: New-SignedCertificate: Create a signed certificate for 'siteName' VERBOSE: New-SignedCertificate: Using PKI parameters for Windows Server 2016 and Windows 10

Command start time: 20180329151332

PS>TerminatingError(New-SelfSignedCertificate): "CertEnroll::CSignerCertificate::Initialize: Cannot find object or property. 0x80092004 (-2146885628 CRYPT_E_NOT_FOUND)"

TerminatingError(New-SelfSignedCertificate): "CertEnroll::CSignerCertificate::Initialize: Cannot find object or property. 0x80092004 (-2146885628 CRYPT_E_NOT_FOUND)"

TerminatingError(New-SelfSignedCertificate): "CertEnroll::CSignerCertificate::Initialize: Cannot find object or property. 0x80092004 (-2146885628 CRYPT_E_NOT_FOUND)"

Install-SitecoreConfiguration : CertEnroll::CSignerCertificate::Initialize: Cannot find object or property. 0x80092004 (-2146885628 CRYPT_E_NOT_FOUND) At C:\SC9\Configurations\Install.ps1:38 char:1 + Install-SitecoreConfiguration @sitecoreParams -Verbose

  • ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    • CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException
    • FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Install-SitecoreConfiguration Install-SitecoreConfiguration : CertEnroll::CSignerCertificate::Initialize: Cannot find object or property. 0x80092004 (-2146885628 CRYPT_E_NOT_FOUND) At C:\SC9\Configurations\Install.ps1:38 char:1

  • Install-SitecoreConfiguration @sitecoreParams -Verbose

  • ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    • CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException
    • FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Install-SitecoreConfiguration
sitecore
ssl-certificate
asked on Stack Overflow Mar 29, 2018 by K. Dean • edited Mar 29, 2018 by K. Dean

3 Answers

2

The error is related to using root certificate, in your case DO_NOT_TRUST_SitecoreFundamentalsRoot, that has been invalidated. Some of the reasons causing the cert to be invalid:

  • It may have been copied from another machine
  • There may have been changes on your computer that invalidated it.

You will need to re-generate it and together with it also all xconnect certificates.

  1. Remove all references to all Sitecore generated certificates both from your Local Machine certification store, typically under LocalMachine\My and also under LocalMachine\Trusted Root Certification Authorities. Look for certificates *.xconnect, *.xconnect_client, DO_NOT_TRUST_SitecoreFundamentalsRoot and DO_NOT_TRUST_SitecoreRootCert.
  2. Search your disk for SitecoreRootCert.crt and *.xconnect_client.crt files, typically under c:\certificates. Make sure you delete them, otherwise SIF will try to re-use them instead of generating new.
  3. I suggest you uninstall Sitecore IIS sites, remove Sitecore DBs and SOLR/Azure indexes before proceeding to the next step.
  4. re-run SIF
answered on Stack Overflow Jun 18, 2018 by Martin
0

Make sure you go to Trusted Root Certification Authorities/Certificates and delete all Sitecore certificates. Then run install script again. This fixed it for me.

answered on Stack Overflow Apr 4, 2018 by emer • edited Apr 4, 2018 by emer
0

For some reason system is not able to create certificate.

Below steps have helped me to resolve this same issue.

  1. Generate self-signed certificate New-SelfSignedCertificate -certstorelocation cert:\localmachine\my -dnsname ""
  2. Once Certificate is generated move it to certificate folder. Export-Certificate -Cert cert:\localMachine\my\ -FilePath C:\certificate\".cer
  3. Then open Manage User Certificate. Go to Personal => Certifate. Import that certificate here.
  4. Rerun your script after uninstalling site.
answered on Stack Overflow Apr 30, 2018 by Akash S

User contributions licensed under CC BY-SA 3.0