Configuring Tridion STS certificate for SDL Media Manager
Recently I found a certificate-related issue in our project when we were trying to connect to SDL Media Manager from our Tridion CMS. The root cause of this issue was that our SigningCertificate had expired, and because of that the CMS was unable to load the proper configuration of that certificate from TridionSTS.xml.
Here is the exception description:
Exception has been thrown by the target of an invocation. Unable to load the configuration from Scope number 1 in the configuration file D:\Tridion\config\TridionSTS.xml. Unable to load the certificate from the element “SigningCertificate“. No valid certificate was found.
So don’t panic; the resolution is very simple: you just have to install the self-signed certificate with the proper details and add that certificate's information to TridionSTS.xml. All the steps are properly documented in this SDL documentation.
But this is not enough. Once the certificate installation is done, you have to perform 2 additional tasks which are not part of this document.
Select the Tridion STS certificate that you have installed and choose All Tasks > Export… in the context menu:
In the Certificate Export Wizard, click Next.
Select No, do not export the private key and click Next.
Leave the Export File Format default settings unchanged (note these will be different from the previous export) and click Next.
Browse to a location on the file system and enter a File name, for example Tridion STS public only.cer, and click Next.
Click Finish to complete the export.
The Certificate Export Wizard confirms the export was successful and closes the dialog.
Give the Tridion STS public only.cer certificate to your Media Manager administrator for installation on the Media Manager system.
Actually, these 2 steps are part of the SDL Media Manager installation (refer to the 9th and 10th steps of this document).
As soon as the Media Manager administrator installs your certificate against your client, it will start working again.
If the issue still exists, open your TridionSTS.xml and check whether any special character is present in the findValue of SigningCertificate.
<SigningCertificate storeName="My" storeLocation="LocalMachine" findType="FindByThumbPrint" findValue="e34af3e03639227fe682a51fdd855018f1fd2b43" />
This happens because, when copying the Thumbprint value from the certificate, we mostly forget to check for special characters in that value. The best practice is to copy the value to a text file and move the cursor through it one character at a time. Please double-check that you have removed all special characters, and save the file.
Then restart all the Tridion services along with COM+ and reset IIS.
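The checks described above (expired certificate, stray characters in the thumbprint) can be scripted. This is an added example, not part of the SDL documentation or the original post; it assumes the config path from the exception message and that it is run in an elevated PowerShell session on the CMS server.

```powershell
# Added example: validate the SigningCertificate reference in TridionSTS.xml.
# Path taken from the exception message above; adjust it for your installation.
$ConfigPath = 'D:\Tridion\config\TridionSTS.xml'

# The [xml] cast throws if the file is not well-formed, for example when
# typographic quotes were pasted around the attribute values.
[xml]$config = Get-Content -LiteralPath $ConfigPath -Raw

# local-name() makes the lookup work whether or not the file declares a namespace.
$nodes = $config.SelectNodes("//*[local-name()='SigningCertificate']")
if ($nodes.Count -eq 0) { throw "No SigningCertificate element found in $ConfigPath" }

foreach ($node in $nodes) {
    $raw = $node.GetAttribute('findValue')

    # List every character that is not a hex digit, with its code point,
    # so invisible characters picked up while copying become visible.
    $bad = [regex]::Matches($raw, '[^0-9A-Fa-f]')
    foreach ($m in $bad) {
        'Unexpected character U+{0:X4} at position {1} in findValue' -f [int][char]$m.Value, $m.Index
    }

    # Compare using only the hex digits; a SHA-1 thumbprint has 40 of them.
    $thumb = ($raw -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()
    if ($thumb.Length -ne 40) {
        Write-Warning "findValue contains $($thumb.Length) hex digits, expected 40."
    }

    # Look the certificate up in the store named by the element itself.
    $store = 'Cert:\{0}\{1}' -f $node.GetAttribute('storeLocation'), $node.GetAttribute('storeName')
    $cert  = Get-ChildItem -Path $store | Where-Object { $_.Thumbprint -eq $thumb }
    if (-not $cert) {
        Write-Warning "No certificate with thumbprint $thumb found in $store"
        continue
    }

    # A signing certificate must be within its validity period and have a private key.
    [pscustomobject]@{
        Thumbprint    = $cert.Thumbprint
        Subject       = $cert.Subject
        NotAfter      = $cert.NotAfter
        Expired       = $cert.NotAfter -lt (Get-Date)
        HasPrivateKey = $cert.HasPrivateKey
        ConfigIsClean = ($bad.Count -eq 0)
    }
}
```

If ConfigIsClean is False, retype the findValue by hand rather than pasting it again, then restart the services as described above.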
That’s it. Thanks for checking my blogs.