Thanks for the quick reply, I need to get this done today :-).
You are right and I tested it exactly as you proposed, tried to access the email template and it opened the xslt in browser without having to log in.
Even if I access the HTTP site without logging in (AD) it sends the email, but if I access it as HTTPs site it fails. The email ID's are same in both the cases.
There is nothing in the logs, do you have some more ideas as to what could be failing?
Thanks,
Sachin
Cause really where we need this to work is for FBA users, who cannot log in..
I'm surprised there's nothing in the logs. You mentioned you're accessing via https. For that to work, SharePoint needs trust setup for the root certificate of the certificate you are using. Central Admin -> Security -> Manage Trust
Ok ccoulson, I think I might have stumbled upon something here...
In the event viewer log it says" An operation failed because the following certificate has validation errors:\n\" While I am not sure
it is related with this issue but I see an entry as soon as I try to send an email from HTTPs site. And yes, my site SSL certificate is not a valid one as of now, it is self created.Could that be the issue and willl resolve it self as sson as a proper Cerrtificate
is in place? I guess so, what do you think?
One thing confuses me is in the error log the user name under which this error comes up is NT AUTHORITY\IUSR, is this how the anonymous works?
Thanks,
Sachin
I read your post after posting mine, what you suggest sounds good! Let me try that and add my certificate as trusted under CA and will see how it goes, be back shortly..
Ok so this is interesting...
I have a self Signed certificate that I created in IIS, and then attached this certificate to the HTTPs site from within IIS .
Question : Is this correct way of doing?
In order to add the same certificate under CA-Manage Trust, i have to import it right? When I import it on desktop, it asks for pwd which I give.
Now when give this certificate path in CA-Manager trust , it throws an error that certificates with pwd is not supported.
Am i doing something wrong here?
Thanks,
Sachin
That is the correct way of doing things.
The certificates I generate I do not password protect, so I haven't gotten this error. Try generating a certificate without a password. Also, you do not add the same certificate to Manage Trust. You add the ROOT certificate (essentially the certificate for the certificate generator) - you can view and export this from the certificate properties - I think the section is called certificate path.
Yes I had created the certificate without pwd, but while importing the certificate it prompts for pwd.
I see what you mean and tried something else.Instead of importing the certificate I went to Detailsand there was an option to Copy to file, which downloaded a certificate like thing without asking for pwd and I think this is the ROOT cert, which talks
abt issueing authority and certificate has etc (there is no option under Certificate Path to import).
Then I succesfully added this to CA-Manager Trust and this looks like the ROOT certificate, but still when I go to forgot pwd page, same error and the event view says the same thing, certificate is invalid, did an IIS reset, no go...
Yes, you do use the Copy To File under Details. But right beside the details tab there should be a "Certification Path" tab, with your certificate, and then one or more on top of it. The top one is the root certificate. Click View Certificate on that one, and then click the Details tab and Copy to File.
Hmnnn..I see that now.... In one of the certificates ( Forefront identity manger) it is there, but in my certificate the Certification Path tab does not have a treeview like top node, just only one entry and selecting it does not enable View Certificate...Why
it would not be there?
When I created the certificate, I just created normally , like "Create a Self Signed Certificate" and if I create a new one now, it is also the same no Root node under the Certification Path
Unfortunately I think that the certificates I created were created using Windows certificate services, so there was a root certificate. I assume there is a way to get it working with the IIS self signed certificate, but i'm not sure.
Sure, Thanks for all the help!
I will dig into it more, but I guess once we have a proper certificate from issuing authroity, as we will get, I think this issue will be resolved on its own as it just the improper certificate causing this.
Thanks again,
Sachin
Yeah, it should work just like http, once you have the proper certificates setup.