Troubleshooting: The X.509 certificate CN=accounts.accesscontrol.windows.net is not in the trusted people store

Your deployment is using Azure Active Directory (Azure AD) authentication. When users try to connect to Dynamics NAV from the client, a technical issue occurs that prevents them from connecting. The event log of the computer that is running of the Microsoft Dynamics NAV Server instance includes a warning event that has the following message:

The X.509 certificate CN=accounts.accesscontrol.windows.net is not in the trusted people store. The X.509 certificate CN=accounts.accesscontrol.windows.net chain building failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.

Resolution

Disable token-signing certification validation on the Microsoft Dynamics NAV Server instance. For more information, see Configuring Microsoft Dynamics NAV Server.

See Also

Authenticating Users with Azure Active Directory