Apex Code Development You need to sign in to do that
Don't have an account?
BrianJohnFarrell Integrating Chatter with SharePoint 2010
Hi,
has anyone attempted to use the latest ap exchange Chatter code to integrate with Sharepoint 2010?
We are attempting to do this with a virtual machine running SharePoint 2010 SP1. We install the components and deploy the web parts to a Sharepoint page. We then click the login button expecting to be presented with a screen to enter the SF login details but we get the error:
Error: There is some problem in Chatter web part configuration. Please contact your administrator.
In the Event logs for Sharepoiint we get the error:
An operation failed because the following certificate has validation errors:\n\nSubject Name: CN=login.salesforce.com, OU=Applications, O="Salesforce.com, Inc.", L=San Francisco, S=California, C=US\nIssuer Name: CN=VeriSign Class 3 International Server CA - G3, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US\nThumbprint: 3863534EF5120F2E8C759EB43CE71E100AD4AF72\n\nErrors:\n\n The root of the certificate chain is not a trusted root authority..
We are using a consumer key and secret that we have generated fron a test salesforce instance.
It would suggest its a problem with a SSL certificate but the details mentioned in the above error are not related to any certificates we have created or assigned to the Sharepoint web site.
I realise this code has only be released in the last two weeks and very few people may have attempted this integration but any help to resolve this would be much appreciated
Many Thanks
Brian
Do you have a valid cert installed on your SharePoint intstance? You will need to run SP in https with a cert from a valid authority, as Salesforce requires all API connections to be made via https.
HI Rasmus,
yes we are running the Sharepoint site under a secure certificate generated on the site itself.
The point we are failing at is when we call the url:
https://localhost/_layouts/SFChatterWP/oAuthLoginPage.aspx
which we have configured via the Chatter Connection settings
I see a window that includes this url and my consumer key and secret appended to it but I then get a certificate failure
but this is a different certificate to the one that my secure Sharepoint site is running under.
An operation failed because the following certificate has validation errors:\n\nSubject Name: CN=login.salesforce.com, OU=Applications, O="Salesforce.com, Inc.", L=San Francisco, S=California, C=US\nIssuer Name: CN=VeriSign Class 3 International Server CA - G3, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US\nThumbprint: 3863534EF5120F2E8C759EB43CE71E100AD4AF72\n\nErrors:\n\n The root of the certificate chain is not a trusted root authority..
I have set up a remote access site on my Salesforce instance but I dont think it is getting this far.
Should be downloading a certificate from the SF instance and running the Sharepoint site under this SSL cert
Additionally our instance of Sharepoint 2010 is running on a virtual cloud instance if this makes any difference
Many Thanks
Brian
Is it fair to assume that this is just an example, or are you calling Salesforce from a localhost?
https://localhost/_layouts/SFChatterWP/oAuthLoginPage.aspx
Is your cert self-signed or from a valid authority like Verisign?
Hi Rasmus,
yes we are calling from a localhost - we have also tried a local address like:
https://sp2010Chatter/_layouts/SFChatterWP/oAuthLoginPage.aspx
We have tried both a self certificate and also a verisign certificate that was supplied as part of the standard virtual machine build.
As I say the certificate error we get refers to a Salesforce certificate which I cannot find on our host SP 2010 machine and is not one I have installed. To clarify should we be importing any Salesforce certificates from the target sandbox into the SP 2010 machine
Regards
Brian
Hi Brian,
I ran into the same issue; you can resolve this by exporting the VeriSgin root cert to a DER X.509 file and import this file in SharePoint via CA. (The export is done througt the 'Certificates' MMC snap-in).
In Central Admin you browse to http://<your CA host>/_admin/ManageTrust.aspx and add a new trust. Browse to the previously exported file and choose that and you're done.
Regards,
- Hans.
Hi Hans,
thanks for the advice.
We purchased a certificate and deployed it as well as adding the trust you mention but still exactly the same issue
I believe a lot of people are having similar problems with certs when configuring this chatter code.
Are there any other options you can suggest
Regards
Brian
Hi Brian,
You say you bought a certificate; I assume that you use that to have ssl on your sharePoint site. Adding the certificate you bought to SP trusts will not solve your issue.
The original error message actually hints you the real issue : "The root of the certificate chain is not a trusted root authority". In this case the certificate chain to the ssl certificate of SalesForce is not trusted (yet). Since the SalesForce certificate is provided by VeriSign you need to add the VeriSign root certificate to the SP Trusts.
Any third party app you deploy in SP that uses an encrypted connection will only run if you add the 'root certificate' as trust to SP.
Now, every Windows server comes with an installment of 'trusted root certificates'. You can access these throug the 'certificates' MMC snap-in. Just add the snap-in with the scope of 'computer' and navigate to 'Trusted Root Certification Authorities', here you will find all root certificates of well known issuers.
Double click the VeriSign Trusted Network certificate to export it as DER X.509 and store it as a .cer on you server and import it in SP as I mentioned earlier.
Hope this helps, if not, let me know and we'll continue...
Regards, Hans.
HI Hans,
many thanks for the reply.
We are using a virtual cloud server machine installed with Win 2008 and Sharepoint 2010 SP1
The SSL certificates it was installed with and the self certificates we created allowed HTTPS to work
on the web sites but still we got the Salesforce certificate error. The same happens now with the third party certificate.
The problem we have is that the error refers to a Salesforce Verisign certificate I cannot find anywhere on the
server via the mmc console. I have registered as many verisign certificates as I can to the trusted root but no luck.
I have spoken to the Cloud server providers and they can offer no explanation.
All I can assume is that as part of the Chatter code install either a required certificate is missing or is in an area I haveno access to.
Any thoughts appreciated - the error in the Event Viewer refers to 8311 - Topology
An operation failed because the following certificate has validation errors:\n\nSubject Name: CN=login.salesforce.com, OU=Applications, O="Salesforce.com, Inc.", L=San Francisco, S=California, C=US\nIssuer Name: CN=VeriSign Class 3 International Server CA - G3, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US\nThumbprint: 3863534EF5120F2E8C759EB43CE71E100AD4AF72\n\nErrors:\n\n The root of the certificate chain is not a trusted root authority..
Thanks
Brian
Hi,
I've progressed a little further in that I have fixed the errors regarding the certificates by registering the Salesforce certificates from the login.salesforce.com site in my Sharepoint instance. However I still get the same error mentioned above but this time no indication of what is causing the issue. Does anyone have experience of diagnosing OAuth login issues
Many Thanks
Brian
HI,
the problem appears to be in the configuration of the Remote Access Application in my Salesaforce instance.
In Salesforce I use the Callback URL
https://sp2010/_layouts/SFChatterWP/oAuthLoginPage.aspx
which is the same URL as set in the Chatter Callback URL Connector settings. However I get the error:
Name=Request (GET:https://sp2010:443/_layouts/SFChatterWP/oAuthLoginPage.aspx?CK=3MVG9y6x0357HlefatEfBXCvJ7l5jjugIHnnATA_f8V1NRagGQM29LgZZg4BBDe9nZZgtsD51zw3T.ZhHANke&CS=&CallBackURL=https%3A%2F%2Fsp2010%2FPages%2FChatter.aspx&UID=2) f688708d-9571-43f2-8828-fbcb0035e1f0
Site=/ f688708d-9571-43f2-8828-fbcb0035e1f0
The remote server returned an error: (400) Bad Request. f688708d-9571-43f2-8828-fbcb0035e1f0
I am using a Cloud Server to host my Sharepoint website SP2010 - could this be the problem
Thanks
Brian
Hi
I am also facing the same problem with certificate error. Is it really require CA Certificate for establishing the connection?. I used Self signed certificate but still getting the same error " There is some problem in Chatter web part configuration. Please contact your administrator".
Detailed error message as per log file:
An operation failed because the following certificate has validation errors:\n\nSubject Name: CN=login.salesforce.com, OU=Applications, O="Salesforce.com, Inc.", L=San Francisco, S=California, C=US\nIssuer Name: CN=VeriSign Class 3 International Server CA - G3, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US\nThumbprint: 3863534EF5120F2E8C759EB43CE71E100AD4AF72\n\nErrors:\n\n The root of the certificate chain is not a trusted root authority.
Is anybody got the correct solution for this?, or anybody can share the solution it would be great.
Hi,
yes I had a similar issue.
You need to open a browser an go to the login.salesforce.com site and when connected download the
certificate associated with this page and install it on your server under the Trusted folders certificates
Regards
Brian
Hi Brian,
Thanks for your quick response.
How can we download the certificate associated with this page ? I could create new self sigend certificate in salesforse, is the same?.
Thanks,
Sajesh
Our sharepoint webapp http://spinstance is available to extranet as https://spinstance.domain.com
We installed the webpart and deployed it to http://spinstance. After the install, I'm able to add the webpart to a given site., But, getting following error "Error: There is some problem in Chatter web part configuration. Please contact your administrator." upon clicking the login button on the webpar
Also, User Access Details & Org Remote Access Details lists were emtpy. We figured out that oAuth piece is working well (verified it by posting customer key and secret using FireFox RESTClient plugin and noticed that the refreshtokens are coming back)
Is http:// url extended as https:// supported by this webpart? please advise
Thanks,
Hari
Hi,
If you are having trouble with the appExchange version of the Chatter web part I encourage you to take a look at a version I wrote: http://marcrdavis.wordpress.com/chatter-for-sharepoint/ - it is a lot easier to setup and configure than the appExchange one.
Regards,
Marc
Hi Brian, I am also having difficulties in adding a salesforce web part to share point 2010. when ever I try to add the Web Part I get an error message that says " A Web Part or Web Form Control on this Page cannot be displayed or imported. The type is not registered as safe”.
I have changed my web.config file added attributes Safe to "true" and AllowRemoteDesigner="True"
Please assist with the possible solution