Wednesday, December 2, 2015

Microsoft BizTalk Adapter Service Setup Wizard Ended Prematurely

Azure BizTalk Services SDK installation was interrupted, during the installation of last component(Runtime Component) i.e., BizTalk Adapter Service

Clicked on the log file to see the actual reason for failure.
As can be seen in image below nothing significant was there

Why it happened:

So why it happened? to find it had a look at Event Viewer --> Windows Logs--> System  and there it was "The SSL server credential's certificate does not have a private key information property attached to it"
The error says that the certificate provided does not have private key associated with it. It makes sense, I had provided the self signed certificate which was downloaded after provisioning the BizTalk service and it has only public key associated with it.

What to do:

We need to provide certificate with private key as it will be used while creating the web site on the machine where you are running this setup.
We can create a self signed certificate for which we have private key, to create it ,open Developer Command Prompt for VS2012 and with help of makecert  we create a self signed certificate 
makecert -pe -r -n "CN=demo" -e "12/01/2019" -sr LocalMachine -ss root

-pe : Marks the generated private key as exportable
-r : Creates a self-signed certificate.
-e : Specifies the end of the validity period
-sr : Specifies the subject's certificate store location. location can be either currentuser (the default) or localmachine
-ss: Specifies the subject's certificate store name that stores the output certificate

You can see the certificate created under Trusted Root Certification Authorities of the Local Computer certificate store

And using certutil we export the private key of the above created certificate from certificate store

certutil -exportPFX -p "demopassword" root demo demo.pfx


After we are done with export, we need to provide this to IIS server as when we install the Runtime an on-premise web service running in IIS is installed and this  BAS web service needs to be secured and for that we need a self-signed certificate for which we have a private key. To provide IIS the certificate, open IIS manager, navigate to Server Certificate
Right-click on the screen and select Import. Click on the ellipsis (...) on the Import Certificate Window, select the private key (.pfx file) we exported in the previous step

and enter the password (the one provided while exporting) and leave the default values as it is

You can see the certificate added in Server Certificates


and Personal store as well


Allright, so next is to rerun the installation of Runtime component, this time I selected the above created certificate (demo) instead of the certificate downloaded from portal while provisioning BizTalk Service on portal(
Port left as default 8080

And the installation was successful




1 comment: