Esync error: "No security certificates were found for synchronization."

  • Updated

In some cases you may see the following error when creating a sync relationship.

"No security certificates were found for synchronization."

Below are the possible culprits and resolutions.

Culprit #1: Security certificates have never been generated or were generated incorrectly. To verify check your site folder for 3 files named like '%_SyncClient%'. If these files are not present or their timestamps do not match the same files in the EktronWindowsService40 folder, see the solution below.

C:\Program Files (x86)\Ektron\EktronWindowsService40

Solution:

  1. Run  SecurityConfigurator.exe from the following folder:
    • 8.70 or earlier: C:\Program Files (x86)\Ektron\CMS400v8x\Utilities\SOFTWARE\SecurityConfigurator
    • 9.X or later: C:\Program Files (x86)\Ektron\CMS400v9X\Utilities\SecurityConfig\SecurityConfigurator
  2. Disable Discard Existing Keys and click Generate .
  3. If this does not work repeat step 1, enable Discard Existing Keys , and click Generate.
  4. If you did step 3 then you will need to apply the newly generated certificates to the other eSync servers that it syncs to or from.

Culprit #2: You are using an app pool identify other than network service. 

Solution: Either change the app pool to network service and regenerate certificates or make all of your Ektron sites use the same app pool user. Also make the Ektron Windows Service use the same user as the app pool identity.

Note: Using a user besides Network Service could have unexpected consequences. Most testing of Ektron is done using Network Service. 

Culprit #3: The Ektron Windows Service is not fully started on both sides of the sync.

Solution: Check if EWS is started properly

Culprit #4: Certificates from the remote server have not been copied to the local one and vice versa. 

Solution: Run the security configurator and apply the certs from the remote server. Do this both ways.