I have enabled REST in our Test Database. I am currently using a self-signed personal certificate and can hit the services via a web browser continuing past the certificate warning. But I cannot get to it via Excel 2010 and PowerPivot and connecting with the Data Feed External Data connection. I get the message “Cannot connect to the specified feed. Verify the connection and try again. Reason: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.” I have enabled Windows Authentication for Single Sign-on, which we use, and do not need to authenticate when access the REST service through a browser (Chrome).
I have confirmed that Excel has the personal certificate as a Trusted Publisher. We do know our MS Office internally needs to be updated and maybe a later version would not have this issue.
Do I understand correctly that you can open connection in Chrome on that computer and no certificate error is shown?
For me it was usually enough to put self-signed cert into Local computer\Trusted people certificate storage. Try this storage. Or, in the worst case, you can put it into client’s machine Local computer\Trusted root certification authorites storage.
Agreed with Olga - if you are using a self signed cert, if you place it in Trusted Root Certificate you can play in a test mode. Obviously this is not appropriate for a live scenario. Buying a cert or setting up a certificate server and pushing out to clients via group policy would be the norm in that scenario.
I can access the REST services with Chrome and IE. Self-signed Cert is loaded in the Trusted Root Certificates Authority.
The issue is with Excel 2010 and PowerPivot. That is where I receive the SSL Error. I ensured that Excel has the self-signed cert in Trusted Publisher.
Afaik, trusted publisher is not for connection, it is for signing, so this is not the case.
But if you say you have this cert in Trusted root, it should work…
Just to be sure:
When you open in browser, no errors are shown in address line, like red crosses or open locks?
These red warnings mean that browsers have the same error, you just bypass it and you able to connect.
So you either did not placed cert in the correct storage on the client machine, or you use different URL to connect, that is not enlisted in the certificate.
If you click on Certificate Error in IE for example, you can see what problem exists with ther certificate. What error it shows you?
If it is Mismatched address then you use incorrect hostname in URL:
When you create certificate with the Subject = hostname, you need to use the same hostname in the URL.
I think the problem is the servername.domain.com issue. I cannot connect (website does not exists) through the fully qualified domain name (server.domain.com).
