Monday, February 19, 2018

Sitecore Experience Commerce - Update Data Templates fails

After deploying a custom plugin to extend SellableItem and add my own custom fields, the Update Data Templates method inside the content editor would fail. The Sitecore instance logs showed (key lines shown, some have been removed):
1828 14:12:13 ERROR Authentication Error
Exception: System.Exception
Message: The certificate thumbprint is invalid or missing from your configuration, secure communication with the Commerce Engine is not possible.
1828 14:12:13 ERROR GetList(id='Catalogs',type='Sitecore.Commerce.Plugin.Catalog.Catalog, Sitecore.Commerce.Plugin.Catalog',skip=0,take=1)?$expand=Items($select=Id)
System.Exception: The certificate thumbprint is invalid or missing from your configuration, secure communication with the Commerce Engine is not possible.
I took a look inside the commerce authoring logs (in my case: C:\inetpub\wwwroot\CommerceAuthoring_Sc9\wwwroot\logs) to see if there were any errors in there. The following was present:
18 14:11:06 ERROR ClientCertificateValidationMiddleware: Certificate with thumbprint 803320317DD6250341065603E375906369603AD3 does not have a matching Thumbprint.
Inside the config.json file for this site there was a thumbprint configured which did not match that of the log file above. It turns our that the certificate thumbprint which was configured was that of a different domain (http://MySite instead of http://localhost), changing this certificate configured to that of the log file above (the correct domain matching) allowed the Update Data Templates to complete successfully. 

A handy PowerShell command for tracing a thumbprint to a certificate is as follows:
cd CERT:\\
dir -recurse | where {$_.Thumbprint -eq "D4FC5CC9E022C0CFFF24186BE75DA9EC66DAD1C2"} | Format-List -property *
This helped me figure out an incorrect certificate was configured for my four commerce service sites.

It's also worth checking the IIS sites for the commerce engine to double check which certificate is actually assigned to them. I had another environment, where a different certificate than expected was assigned to the IIS sites. 

1 comment:

  1. I had the same problem during my upgrade from XC 9 Initial Release to Update-1. Sadly, the Update-Guide is not really good. Couple of small steps missing and incorrect commands.

    You saved me a ton of time. Thanks.

    ReplyDelete