Failed to Rotate Secrets in LCS? Here’s What to Do Next

-

Introduction

Working with Lifecycle Services (LCS) may feel a bit outdated as we prepare for its eventual phase-out, but the reality is that many businesses still rely on it daily.
Recently, I encountered an issue while deploying to a new environment after a long break; it kept failing without a clear cause.


 
After investigating, I discovered the SSL certificate was the culprit, which I’d run into before (I’ve shared that experience in a previous post).
Naturally, I tried rotating the secrets from LCS, but it failed repeatedly without any error message or explanation.

 
I was ready to raise a ticket with Microsoft when Copilot stepped in with a suggestion that helped me quickly resolve the problem.

Here's what happened and how you can fix it if you face the same issue.

What to do:

Go into your development VM and search for certificates.




You'll see there's a certificate with the same name as your VM and if you observe the "Expiration Date" it is past your current date.
This is the reason the certificate rotation is failing.

Microsoft offers a simple script that can be used to generate another certificate to replace this.

Go to "Shared Asset Library" in LCS.
Scroll down to "Renew WinRM Certificate" and download it.


Move the downloaded zip into your Development VM and extract it.


Right click on "RenewWinRMCertificate" file and click on "Edit" to edit it in Windows ISE.


Once this is completed, go back to the Certificates and refresh the page.
You'll see there's another entry with the VM name and a different expiration date.
At this point, you can delete the old certificate.


After this, go to LCS and restart your development environment.
That's it!

Now you can try to rotate your certificate from LCS.


And now I can finally get back to my development work!


Conclusion

LCS might be on its way out, but for now, it’s still a big part of many businesses’ workflows.
Running into deployment failures because of an expired SSL certificate was a frustrating experience, but fixing it turned out to be pretty straightforward.
After checking the certificates, running Microsoft’s "Renew WinRM Certificate" script, and restarting the environment, I was able to rotate the secrets without a hitch. 
If you ever find yourself in the same boat, start by checking your certificates, it’s a quick step that can save you a lot of stress!

Comments

Post a Comment

Popular posts from this blog

Actionable Error Messages in Business Central

-
Image
Introduction Error handling is an important concept in every technical field.  It helps programs deal with unexpected problems and mistakes smoothly.  It makes sure software works reliably and doesn't crash unexpectedly.  Error handling also helps developers find and fix issues quickly, making the software better for users. Plus, it gives users clear messages when something goes wrong, making their experience smoother. It shows that the team has considered the scenario and has measures in place for it indicating a well designed solution. Microsoft has an amazing document which lists the things to keep in mind for writing resilient code. In Business Central, we have try functions to handle errors and error function to show those errors to the Users.  In this blog, we'll learn how we can enhance the error messages so that the Users can resolve the errors themselves or at the very least we can point them towards where the error is. Pre-requisites Business Central OnPrem...
Read more

Using Notifications in Business Central via AL

-
Image
Introduction Notifications in Business Central are alerts that appears in the Notification bar based on User actions. Notifications stack up from top to bottom, lasting until the user dismisses them, including those from sub-pages.  Validation errors are prioritized and shown before other notifications. We can use this to alert the user regarding something without taking all the user's notification towards it, in the way messages or errors do. They also have the option to allow Users to make a corrective action by embedding the action button directly into the notification. Let's see how it works. Source Code Pre-requisites Business Central OnPrem/Cloud. References Notification - Business Central Docs Configuration Here, for an example, I've created one simple page which takes two inputs. 1. The message that is to be shown in the notification. 2. The message to be shown after the User clicks on the action embedded in the notification.     And I have two actions which I'l...
Read more

Configure Gmail SMTP service in Business Central without "Allow Less Secure" setting

-
Image
 Introduction Business Central has great email features like sending email, editing it with Rich Text, adding attachments, etc, but to send emails, you'll need to connect it with services like Outlook or Gmail. There is no outlook side configuration that is to be done if you are using Microsoft Outlook however if you are using Google's Gmail then there's a litte change that has happened on the configuration end. Starting May, 2022, Google has removed the "Allow Less Secure Apps" settings from the Google Accounts, which was essential is using Gmail to send emails from Business Central. However, to replace that we have "App Passwords" which we can use instead. Also, just something to keep in mind, Google is going to remove this from the "Google Workspace" accounts as well by Sept, 2024 so it would be wise for you to migrate your configurations to use app passwords. Reference 1.  How to Setup Email in Business Central 2.  Google Support - Less sec...
Read more