Install Sana Add-on in AX Environment

Secure Sockets Layer (SSL) is a cryptographic protocol that helps provide security and data integrity for data communications over a network. By encrypting your Microsoft Dynamics AX Web service using SSL, you make your data and the network more secure and more reliable.

It is required to secure data transfer between the Sana web store and Microsoft Dynamics AX.

Prerequisites

• The server which hosts the Microsoft Dynamics AX Web service must support TLS 1.2.
• Before configuring the Web service to use SSL, you must obtain a security certificate for the Web service domain. The certificate is issued by a certificate authority (CA). If this is a test environment, you can create and use a self-signed SSL certificate. The self-signed SSL certificate can be used only for testing purposes.
• Internet Information Services (IIS) Manager.
• Service Configuration Editor. This editor allows to configure Web service using a graphical user interface. With this tool you can configure the Web service without having to directly edit the 'web.config' file. For more information, see 'Configuration Editor Tool (SvcConfigEditor.exe)' in the MSDN Library.

Configure Internet Information Services (IIS) Manager to listen to HTTPS

Step 1: Open IIS Manager.

Step 2: In the IIS Manager select the web site where Microsoft Dynamics AX Web service is running.

Step 3: In the 'Actions' pane on the right click 'Bindings'.

Step 4: In the 'Site Bindings' window click 'Add'.

Step 5: Add site binding with 'https' type and select the SSL certificate obtained from the certification authority.

Configure Microsoft Dynamics AX Web service to use SSL

Step 1: In Microsoft Dynamics AX go to: Basic > Setup > Application Integration Framework > Services.

Step 2: Locate the SC_AXDataServiceClient service created during installation and disable it, if it is enabled. If the 'AIF Services' form is opened for the first time, click the 'Refresh' button to load the list of AIF services. It may take some time to load AIF services.

Step 3: Click on the 'Configure' button. Microsoft Service Configuration Editor will open where you can configure the Web service to use SSL.

Step 4: Create a new service binding of a 'basicHttpBinding' type and set the binding settings as shown on the screenshot below.

Step 5: Under the 'Security' tab select the 'Transport' mode and 'Windows' TransportClientCredentialType.

Step 6: Expand the 'Services' node. In the 'Microsoft.Dynamics.IntegrationFramework.Service.AXDataServiceClient' service, create the https endpoint and link it to the previously created binding.

Copy the contract from the default endpoint. It must be 'Microsoft.Dynamics.IntegrationFramework.Service.AXDataServiceClient'.

Step 7: Under the 'Service Behaviors' node open 'serviceMetadata' and set 'HttpsGetEnabled' to 'True'.