Epicor Upgrade

We’re currently running 2021.2.30 and we’re starting to work on the next upgrade. Are there any challenges I need to be aware of?

I’m aware that starting with 2022, domains need to be “.com” instead of “.local”. Has anyone encountered any challenges making that switch?

Where is the domain criteria documented?

Our domain is .local, we are on 23.1 and have not run into any issues.

The com/local thing is a hodgepodge for us.

Our internal domain is local. Our (main) SSL is com. IIS bindings resolve the difference.

The trial-and-error part was that we cannot use Windows binding anymore (and net.tcp is gone starting at 2022.1). But “Azure” authentication does work. (I know, it’s Entra ID now. Epicor docs still say Azure.)

OTOH, the SQL server is not publicly accessible, and I have the task agent there (with an EAC install), and it’s all .local (with a self-signed SSL cert).

Did that help to complicate things more? :rofl:

1 Like

I don’t know where it’s documented. The consultant we use occasionally for backend (servers, SQL Server) mentioned it to me when we upgraded to 2021.

Jason:

Thanks for the feedback. I see you’re a (Epicor) cloud customer, given your reference to Azure and not being able to used SQL Server.

As with you, we have a SSL for .com because we use the Epicor CRM app, and we also use it for eCommerce (part store).

Looks like internally the .local is still used.

No, we’re on prem. I maintain our SQL server.

You can use .local, but it does come with challenges. It depends partly on whether you want the servers available externally - only really required for mobile apps, whether you have an internal CA server on your domain or as a worst case you could use self signed certs which you publish to the clients.
The issue with .local is that Epicor now uses https for all traffic. As such the server needs a certificate which the clients will trust.
No Global Certificate authority will issue .local certs as they can’t. So if you want to refer to your epicor server internally as epicorserver.local, you must either use your own CA which can issue a cert to it, and tell the clients it is trusted. Or use a self-signed cert and manually install that on all clients.

Or if you have a wildcard Vanair.com cert which you can install on that server, you can do some DNS jiggery pokery to point epicorserver.vanair.com to 10.x.x.x or whatever your server is. And then play around with config files in Epicor to ensure the URL is correct in all locations.

2 Likes