locked
ATA Lightweight Gateway installation failed after new ATA Center Console certificate deployed (1.7) RRS feed

  • Question

  • Hi,

    I have successfully deployed ATA Center 1.7 and ATA Lightweight Gateways then i have changed ATA Center Console certificate.

    Now we have deployed new AD Domain Controller and i can't install ATA Lightweight Gateway on it.

    When i download ATA Gateway installation from Center, there is still old certificate thumbprint in GatewayInstallationConfiguration.json file. Also when i change thumbprint value in config and try to install Lightweight Gateway again, same error in install log occurs.

    I have already restarted ATA Center server but issue still occurs.

    I am considering to backup Mongo DB, reinstall ATA Center and Restore Mongo DB. 

    Can you give me advice?

    Here is ATA Gateway installation log: [0CDC:11C4][2016-10-04T15:55:41]i000: 2016-10-04 13:55:41.6441 3292 5   Error [\[]TaskAwaiter[\]] System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The underlying connection was closed: An unexpected error occurred on a send. ---> System.IdentityModel.Tokens.SecurityTokenValidationException: Failed to validate certificate thumbprint [\[]Subject=CN=ataweb.ourdomain.com Thumbprint=4832CDB5AE2F2AE1E76E8D53B41AA1F361B881E8[\]]

    Tuesday, October 4, 2016 2:15 PM

Answers

  • Hi all,

    I have found solution.

    There was old certificate thumbprint value configured in mongodb.

    It's in mongodb under collection "SystemProfile". It's under first object in mentioned  collection.

    When you open this object/document there is  part that contains ManagementClientConfiguration:

    "ManagementClientConfiguration" : {
                "ServerName" : "ata.mydomain.com",
                "ServerCertificateThumbprint" : "5832CHB5AE2F2GE1E76E8D53B41CC1F361B781E8"
            },

    I'll like to upload screenshot, but cant't because microsoft have to verify my account.

    I have replaced thumbprint value to current right certificate.

    Then i downloaded new ATA Gateway setup that contains this thumbprint in GatewayInstallationConfiguration.json file. Note that before when i changed just thumbprint in this file installation failed.

    Finally i have installed ATA Lightweight Gateway successfully :).

    • Marked as answer by AMrvan Wednesday, October 5, 2016 9:27 AM
    • Edited by AMrvan Wednesday, October 5, 2016 9:30 AM
    Wednesday, October 5, 2016 9:27 AM

All replies

  • Hi all,

    I have found solution.

    There was old certificate thumbprint value configured in mongodb.

    It's in mongodb under collection "SystemProfile". It's under first object in mentioned  collection.

    When you open this object/document there is  part that contains ManagementClientConfiguration:

    "ManagementClientConfiguration" : {
                "ServerName" : "ata.mydomain.com",
                "ServerCertificateThumbprint" : "5832CHB5AE2F2GE1E76E8D53B41CC1F361B781E8"
            },

    I'll like to upload screenshot, but cant't because microsoft have to verify my account.

    I have replaced thumbprint value to current right certificate.

    Then i downloaded new ATA Gateway setup that contains this thumbprint in GatewayInstallationConfiguration.json file. Note that before when i changed just thumbprint in this file installation failed.

    Finally i have installed ATA Lightweight Gateway successfully :).

    • Marked as answer by AMrvan Wednesday, October 5, 2016 9:27 AM
    • Edited by AMrvan Wednesday, October 5, 2016 9:30 AM
    Wednesday, October 5, 2016 9:27 AM
  • Good day

    Do you by any chance have the steps you used to perform this operation? I am experiencing a similar issue

    Tuesday, October 11, 2016 2:02 PM
  • Hi

    I need to know, how to change certificate thumbprint in mondodb.

    Wednesday, October 12, 2016 1:08 PM
  • Hi 

    You can use some mongodb management software like robomongo. Then install this tool to ATA center. You have to install it to ATA Center because mongodb is listening on 127.0.0.1 on ATA Center.

    Then open Robomongo an navigate to collection "SystemProfile"

    Right click on "SystemProfile" and select "View Documents". Then right click on first Document and select "Edit Document...".

    In Document  try to find something like this and Edit  "ServerCertificateThumbprint" value:

    "ManagementClientConfiguration" : {
                "ServerName" : "ata.mydomain.com",
                "ServerCertificateThumbprint" : "5832CHB5AE2F2GE1E76E8D53B41CC1F361B781E8"
            },


    • Edited by AMrvan Monday, October 17, 2016 12:23 PM
    Monday, October 17, 2016 12:21 PM