Self-Signed SSL for NAV Web Service

Configure ACL and NAV Web Service Port (WS 2003)

The commands in this chapter are applicable if you are running on Windows Server 2003.

To configure Access Control List and Microsoft Dynamics NAV Web service port:

Step 1: Delete any entries that use the same port as Web services. To do this, execute the following command:

httpcfg delete urlacl -u http://+:7047/DynamicsNAV/

Step 2: Check the URL reservation. Execute the following command:

httpcfg query urlacl

Step 3: Register the port for the Web service with https. Execute the following command:

httpcfg set urlacl /u https://+:7047/DynamicsNAV/ /a "O:AUG:AUD:(A;;GA;;;AU)"

Specify the user name of the service account for Microsoft Dynamics NAV Server. If the service account for Microsoft Dynamics NAV Server is Network Service, then use "NT AUTHORITY\NETWORK SERVICE".

Step 4: To verify that your port has been registered, execute the following command:

httpcfg query urlacl

Step 5: Determine certhash and appid of the certificate. Execute the following command:

certutil -store "My" "0.0.0.0"

Substitute the subject's certificate name ("0.0.0.0") with the external server IP address.

After executing the command you will see the certificate details. Copy the Cert Hash into any text editor without any spaces.

Step 6: Bind an SSL certificate to the Web service port. Execute the following command:

Httpcfg.exe set ssl -i 0.0.0.0:7047 -h 14d8442f6703709002d825de36c47769cc6cb6b4 -g "{12c1ee1b-a83f-40bc-badb-798f4be9802d}"

Substitute the following options with the proper values:

Step 7: To verify the SSL certificate binding, execute the following command:

httpcfg query ssl

Step 8: Restart Microsoft Dynamics NAV services.