web
You’re offline. This is a read only version of the page.
close
Skip to main content

Announcements

No record found.

Community site session details

Community site session details

Session Id :
Customer experience | Sales, Customer Insights,...
Unanswered

Issue while Certificate Renewal for Server side Synchronization [On-Premise V8.2]

(1) ShareShare
ReportReport
Posted on by 2

Problem Statement - Every year we have to renew the SSL certificate and use that for SSS so that Microsoft Dynamics 365 On Premise v 8.2 is able to sync emails with outlook exchange online.

          This  time, not able to set up SSL for Server Side Synchronization (SSS) for Emails in Microsoft Dynamics 365 On Premise v 8.2 with outlook Exchange Online.


Detailed Information -

  Our Environment - We have Microsoft Dynamics 365 On Premise v 8.2

           - This server is not public facing.

           - Till last year we used Self signed SSL certificate , using powershell command,

           we connected to Exchange online to set up the SSL Certificate for CRM

Things Tried at our end


          - Created self signed certificate 

          - Using powershell below commands , which worked last year, we tried below but faced issues


          Commands tried (there are some more )

           $msolcred = get-credential

          connect-msolservice -credential $msolcred

          New-MsolServicePrincipalCredential -AppPrincipalId $CRMAppId -Type asymmetric -Usage Verify -Value $CredentialValue

          $CRM = Get-MsolServicePrincipal -AppPrincipalId $CRMAppId

          $ServicePrincipalName = $CRM.ServicePrincipalNames

          $ServicePrincipalName.Remove("$CRMAppId/$RootDomain")

          $ServicePrincipalName.Add("$CRMAppId/$RootDomain")

          Set-MsolServicePrincipal -AppPrincipalId $CRMAppId -ServicePrincipalNames $ServicePrincipalName


          dd-PSSnapin Microsoft.Crm.PowerShell 

          $setting = New-Object "Microsoft.Xrm.Sdk.Deployment.ConfigurationEntity"

          $setting.LogicalName = "ServerSettings"

          $setting.Attributes = New-Object "Microsoft.Xrm.Sdk.Deployment.AttributeCollection"

          $attribute1 = New-Object "System.Collections.Generic.KeyValuePair[String, Object]" ("S2SDefaultAuthorizationServerPrincipalId", "10XXXXXX-XXXX-XXXXXX-a1XX-XXXXXXXX")

          $setting.Attributes.Add($attribute1)

          $attribute2 = New-Object "System.Collections.Generic.KeyValuePair[String, Object]" ("S2SDefaultAuthorizationServerMetadataUrl", "https://accounts.accesscontrol.windows.net/metadata/json/1")

          $setting.Attributes.Add($attribute2)

          Set-CrmAdvancedSetting -Entity $setting

 

          $CRMContextId = (Get-MsolCompanyInformation).ObjectID

          $CRMContextId

 

 

          $organizationName = "XXXXX"

          $CRMContextId = "10XXXXXX-XXXX-XXXXXX-a1XX-XXXXXXXX"

          $orgInfo = Get-CrmOrganization -Name $organizationName

          $ID = $orgInfo.id 

            if($ID)

              {

                Set-CrmAdvancedSetting -ID $orgInfo.ID -configurationEntityName "Organization" -setting "S2STenantId" -value $CRMContextId

              }

 â€ƒâ€ƒâ€ƒâ€ƒâ€ƒâ€ƒâ€ƒâ€ƒâ€ƒâ€ƒâ€ƒâ€ƒâ€ƒ

Issue Faced Today - 

        - We get error while using commmand $msolcred = get-credential, it says its deprecated.

        - We then tried the new msgraph api to connect, we were able to connect from powershell

        but then faced issues with other commands

 

Quick Research Done till now -        

        - A quick search indicates that the process to set up SSS has been changed by microsoft recently

        - The old approach that we used above is not supported (this we are not sure if there is a workaround)

        - we need to use below things also (not sure if these are mandatory)


        a) Msgraph api to connect to exchange online

        b) IFD - Public facing website, we need to make our crm website public as per few articles which we cannot

        c) expose CRM via HTTPS (IFD), even behind a reverse proxy / WAF

Constraints -

        1 - Client may not allow us to make CRM site as public or IFD.

        2 - We cannot migrate to v 9.1 as of now, so we need to stay on v8.2 on premise for some time and want to renew the SSL certificate by 13th Jan 26

 

Our questions -


          Q1 - What do we need to connect our v8.2 Dynamcis 365 CRM onpremise with Exchange Online using SSS for email sync?

          [We were able to connect using SSS till last year using above commands, facing issue now]

        Q2 - What are the detailed steps and powershell commands etc so that we can set up the SSS ?

          [Since the old commands are not working any more]

        Q3 - Earlier we were using self signed SSL certifcates or do we need CA certificates with new commands

          (But we cannot make it public - No IFD)  ?

        Q4 - Any other requirement for this to work 

        Let us know if any more information is needed. Appreciate any help on this as its little urgent.



#Dyanmic 365 , #On-Premise , #Server Side Syncronization 

I have the same question (0)

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Introducing the 2026 Season 1 community Super Users

Congratulations to our 2026 Super Stars!

Congratulations to our 2025 Community Spotlights

Thanks to all of our 2025 Community Spotlight stars!

Leaderboard > Customer experience | Sales, Customer Insights, CRM

#1
ManoVerse Profile Picture

ManoVerse 109 Super User 2026 Season 1

#2
Jimmy Passeti Profile Picture

Jimmy Passeti 46 Most Valuable Professional

#3
NeerajPawar Profile Picture

NeerajPawar 39

Last 30 days Overall leaderboard

Product updates

Dynamics 365 release plans