Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

ATA Center not starting due to certificate change.

Copper Contributor

We are stuck in a service start-up loop due to a change certificate on the ATA Server.  Is there any way to fix this without having to do a full DR?

 

 

2020-05-23 01:25:26.2490 3516 14  Debug [CenterConfigurationManager] Initialized
2020-05-23 01:25:26.2490 3516 14  Debug [SecretManager] Initializing
2020-05-23 01:25:26.3160 3516 5   Error [SecretManager] Microsoft.Tri.Infrastructure.Utils.ExtendedException: Certificate is invalid [CertificateThumbprint= <!--Thumbprint Removed For Security-->]
   at Microsoft.Tri.Infrastructure.Framework.SecretManager.UpdateMutableConfiguration(SecretManagerConfiguration configuration)
   at Microsoft.Tri.Infrastructure.Extensions.ActionExtension.<>c__DisplayClass1_0`1.<ToAsync>b__0(TItem _)
   at async Microsoft.Tri.Infrastructure.Framework.ConfigurationManager`2.<>c__DisplayClass17_0`1.<RegisterConfigurationAsync>b__0[](?)
   at async Microsoft.Tri.Infrastructure.Framework.ConfigurationManager`2.RegisterConfigurationAsync[](?)
   at async Microsoft.Tri.Infrastructure.Framework.ConfigurationManager`2.RegisterConfigurationAsync[](?)
   at Microsoft.Tri.Infrastructure.Framework.ConfigurationManager`2.RegisterConfiguration[TModuleConfiguration](Action`1 updateMutableConfiguration)
   at Microsoft.Tri.Infrastructure.Framework.SecretManager.OnInitializeAsync()
   at async Microsoft.Tri.Infrastructure.Framework.Module.InitializeAsync(?)
   at async Microsoft.Tri.Infrastructure.Framework.ModuleManager.OnInitializeAsync(?)
   at async Microsoft.Tri.Infrastructure.Framework.Module.InitializeAsync(?)
   at async Microsoft.Tri.Infrastructure.Framework.Service.OnStartAsync(?)
   at Microsoft.Tri.Infrastructure.Framework.Service.OnStart(String[] args)

 

 

3 Replies

@melmgettyedu  What exact version of ATA is this ?
Did the UI let you select the certificate and broke right after that?

Is the previous cert still on the machine and still valid?

Did you press the "activate" button after the certificate was changed already ?(if you didn't - don't)

Did it broke right away or only after the center service restarted?

 

 

@Eli Ofekwe're on ATA v1.9.2.  The previous cert was revoked and then reinstated and installed on the server but was deemed invalid by ATA after that.  I had to redeploy with a new cert and lost all of the learned data.

@melmgettyedu Once revoked you lose the deployment. selecting a new cert won't help at this stage.