Renew Dynamics 365 for Finance and Operations Certificate on Dev Machine

This was a internal request from support team to quickly fix the certificate expire issue. I would like to post it here in case you need it. Please note this should only apply to your Dev VHD, and strongly recommand you create a checkpoint before proceed.

One script for all steps(renew certificate,grant permission, replace in config, reset iis and batch)

Function Update-Thumberprint


Set-Location -Path “cert:\LocalMachine\My”

$oldCerts = Get-childitem | where { $_.subject -match “DeploymentsOnebox” -or $_.Subject -match“MicrosoftDynamicsAXDSCEncryptionCert”}

$ConfigFiles =







foreach ($oldCert in $oldCerts)


$newCert = New-SelfSignedCertificate -CloneCert $oldCert

#consider to delete the old cert

$keyPath = Join-Path -Path $env:ProgramData -ChildPath “\Microsoft\Crypto\RSA\MachineKeys”

$keyName = $newCert.PrivateKey.CspKeyContainerInfo.UniqueKeyContainerName

$keyFullPath = Join-Path -Path $keyPath -ChildPath $keyName

$aclByKey = (Get-Item $keyFullPath).GetAccessControl(‘Access’)

$permission = “EveryOne”,“Read”, “Allow”

$accessRule = New-Object -TypeName System.Security.AccessControl.FileSystemAccessRule -ArgumentList $permission


Set-Acl -Path $keyFullPath -AclObject $aclByKey -ErrorAction Stop

foreach($configFile in $ConfigFiles)


(Get-Content -Path $configFile).Replace($oldCert.Thumbprint,$newCert.Thumbprint) | Set-Content $configFile






Restart-Service “DynamicsAxBatch”

Please copy all the script and run in powershell via administrator previligge.

Each time you run this script, it will create a new set of certificates. So do not repeat it.

high-quality-rolex-replica – watches designer bags fake submariner Imitation breitling Emergency Mission watch bands tag heuer au replica fake cartier shades replica

Leave a Reply