Problem:
How to setup X.509 Certificate for Spotfire Automation Services "Set Data Source Credentials" task.
Solution:
If the X.509 Certificate is not setup correctly on Spotfire Node Manager machine where Automation Services is running, the "Set Data Source Credentials" task will fail with the following error:
"System.Security.Cryptography.CryptographicException: Unable to retrieve the decryption key"
Steps to make sure that the X.509 certificate is installed correctly:
1. On Node Manager machine with Automation Services, start the Microsoft Management Console. Click the Windows start button and type "mmc".
2. Click File > Add\Remove snap-in, then add the Certificates snap-in for the Local Computer.
3. Select Certificates (Local Computer) > Personal > Certificates.
4. If you can't find the required X.509 Certificate in the list, then the certificate has not been installed on this computer. Obtain the certificate from your CA, copy it locally, then import it into the certificate store via the "Import" wizard. If you right click on the Certificates pane, you should be able to see the "Import" wizard option:

5. You must also make sure that the account running Node Manager Service (default account is usually Local System or Network Service) has the right to access and read the certificate. Changing access rights on Windows Server is done using Microsoft Management Console:
2. Click File > Add\Remove snap-in, then add the Certificates snap-in for the Local Computer.
3. Select Certificates (Local Computer) > Personal > Certificates.
4. If you can't find the required X.509 Certificate in the list, then the certificate has not been installed on this computer. Obtain the certificate from your CA, copy it locally, then import it into the certificate store via the "Import" wizard. If you right click on the Certificates pane, you should be able to see the "Import" wizard option:

5. You must also make sure that the account running Node Manager Service (default account is usually Local System or Network Service) has the right to access and read the certificate. Changing access rights on Windows Server is done using Microsoft Management Console:
- Make sure you have installed the certificate properly.
- Start the Microsoft Management Console.
- Add the Certificates snap-in for the Local Computer.
- Select Certificates (Local Computer) > Personal > Certificates.
- Right-click the installed impersonation user certificate and select All Tasks > Manage Private Keys.
- Click Add.
- Locate and select account Local System or Network Service or a domain service account used to run Node Manager service.
- Grant "Read" permissions to this account.
- Click OK.
Please note that you need to make sure that this certificate is installed on the Node Manager instance with Automation service and also on the Spotfire Analyst machine which will create or execute the job task. The steps to configure Spotfire Analyst client machine are described here:
Comments
0 comments
Article is closed for comments.