BBusiness Central English

Changing SSL in Business Central

Changing SSL in Business Central
0
Shares
0
0
0

This post is about changing a SSL certificate in Business Central. Replacing an SSL Certificate in Business Central requires a few extra steps. Especially when it comes to connections using OData and SOAP.

Securing data when changing SSL in Business Central

It is essential to enable SSL for OData and SOAP within Business Central OnPrem to secure data. Sensitive information, such as customer data and financial transactions, is often transmitted through these protocols. Without SSL, malicious actors could intercept and read this information. By enabling SSL, we encrypt the communication and significantly reduce the risk of data breaches.

Confidentiality and integrity

We ensure the confidentiality and integrity of data by using SSL. When we transmit data via OData and SOAP, we cannot guarantee that the data has not been altered during transmission without SSL. With SSL, we establish a secure connection, protecting the data from tampering and unauthorized access.

Regulatory compliance

We facilitate regulatory compliance and adherence to industry standards by using SSL. Many sectors, such as finance and healthcare, require that data transmission occur over secure channels. By enabling SSL by default for OData and SOAP within Business Central OnPrem, we meet these legal requirements and reduce the risk of fines and penalties.

Customer trust

We strengthen customer trust by using SSL. Customers expect us to handle their data securely. When we enable SSL, we provide an extra layer of protection, contributing to customer confidence in our organization. This can lead to improved customer satisfaction and loyalty.

Protection against attacks

We provide protection against attacks, such as man-in-the-middle attacks, by using SSL. Without SSL, attackers could intercept the communication between client and server, gaining access to sensitive information. With SSL, we encrypt the connection, making it much harder for attackers to carry out such attacks.

Conclusion: Replacing SSL in Business Central

By enabling SSL by default for OData and SOAP within Business Central OnPrem, we secure data, ensure regulatory compliance, and strengthen customer trust. This measure creates a safe and reliable environment for data transmission.

Steps to replace the SSL Certificate within Business Central

This can be done easily using the following code. Optionally, the value $servicesCertificateThumbprint can be provided.

# Begin Function Set-NewSslODataSoapServices
Function Set-NewSslODataSoapServices {
    param (
        [string]$serverInstance,
        [string]$servicesCertificateThumbprint
    )

    if (-not (Get-Module -Name "NavAdminTool")) {
        Import-Module "C:\Program Files\Microsoft Dynamics 365 Business Central\252\Service\NavAdminTool.ps1"
    }

    $instances = Get-NAVServerInstance -ServerInstance $ServerInstance | Where-Object { $_.State -eq "Running" }
    foreach ($instance in $instances) {
        $navSettings = Get-NAVServerConfiguration -ServerInstance $instance.ServerInstance
        $odataSSL = $navSettings | Where-Object { $_.Key -eq "ODataServicesSSLEnabled" } | Select-Object -ExpandProperty Value
        $soapSSL = $navSettings | Where-Object { $_.Key -eq "SOAPServicesSSLEnabled" } | Select-Object -ExpandProperty Value

        if ($odataSSL -eq "true" -or $soapSSL -eq "true") {
            Stop-NAVServerInstance -ServerInstance $instance.ServerInstance -Force
            Set-NAVServerConfiguration -ServerInstance $instance.ServerInstance -KeyName "ODataServicesEnabled" -KeyValue "false"
            Set-NAVServerConfiguration -ServerInstance $instance.ServerInstance -KeyName "SOAPServicesEnabled" -KeyValue "false"
            Set-NAVServerConfiguration -ServerInstance $instance.ServerInstance -KeyName "ODataServicesSSLEnabled" -KeyValue "false"
            Set-NAVServerConfiguration -ServerInstance $instance.ServerInstance -KeyName "SOAPServicesSSLEnabled" -KeyValue "false"
            Start-NAVServerInstance -ServerInstance $instance.ServerInstance -Force
            Stop-NAVServerInstance -ServerInstance $instance.ServerInstance -Force
            Set-NAVServerConfiguration -ServerInstance $instance.ServerInstance -KeyName "ODataServicesEnabled" -KeyValue "true"
            Set-NAVServerConfiguration -ServerInstance $instance.ServerInstance -KeyName "SOAPServicesEnabled" -KeyValue "true"
            Set-NAVServerConfiguration -ServerInstance $instance.ServerInstance -KeyName "ODataServicesSSLEnabled" -KeyValue "true"
            Set-NAVServerConfiguration -ServerInstance $instance.ServerInstance -KeyName "SOAPServicesSSLEnabled" -KeyValue "true"
            Start-NAVServerInstance -ServerInstance $instance.ServerInstance -Force
        }
    }
}
# End Function Set-NewSslODataSoapServices
Restart-ODataSOAPServices -servicesCertificateThumbprint $servicesCertificateThumbprint

More information about Microsoft Business Central can be found here. More information about the author of this blog post can be found here.

0 Shares:
Share 0
Tweet 0

— Previous article

Make good use of ForEach

Next article —

Postman and Business Central

You May Also Like