(Still) Heavy on the Technical - Journal - Windows 8 Server Beta - Hyper-V Replication in Workgroup Mode (using Certificates)

Friday

Mar162012

Windows 8 Server Beta - Hyper-V Replication in Workgroup Mode (using Certificates) - (Error 0x00002f89)

Friday, March 16, 2012 at 02:06PM

My thanks to my Microsoft contacts for supplying an answer to this.

Situation: Windows 8 Server Beta: Hyper-V replication between two servers that are in workgroup mode (non-domain bound). When configuring using the Understand_and_Troubleshoot_Guide_Hyper-V_Replica_in_Windows_Server_8_Beta documentation I ran into a problem when trying to use the certificate generated in the appendix.

==========================================================================

Error 0x00002F89 which states the corticated chosen was not correct due to: not having a corresponding certificate in the computer personal store, terminating at root certificate, including private key, having the server extended feature, and / or correct CN.

==========================================================================

I tried a lot of things but just could not make this work. The following is an addition to the guild which basically tells the replication service to ignor checking of the self-signed certificate:

reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization\Replication" /v DisableCertRevocationCheck /d 1 /t REG_DWORD /f

Lab Setup:

Two Machines in workgroup mode: Win8Acer and Win8Black

On both systems:

1) Configure the advanced setting to add a FQDN to the name of the server (I used Test.Lab)

2) In the hosts file specify the replication network address of the server as the FQDN and add the other servers replication network address as well

Step 1.

Server1 (Win8Acer) – Primary Server

Open a CMD as Admin

: Change locatation to my temp directory where MakeCert.Exe is stored

CD C:\MakeCert\

makecert -pe -n "CN=PrimaryTestRootCA" -ss root -sr LocalMachine -sky signature -r "PrimaryTestRootCA.cer"

makecert -pe -n "CN=Win8Acer.Test.Lab" -ss my -sr LocalMachine -sky exchange -eku 1.3.6.1.5.5.7.3.1,1.3.6.1.5.5.7.3.2 -in "PrimaryTestRootCA" -is root -ir LocalMachine -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12 PrimaryTestCert.cer

reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization\FailoverReplication" /v DisableCertRevocationCheck /d 1 /t REG_DWORD /f

reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization\Replication" /v DisableCertRevocationCheck /d 1 /t REG_DWORD /f

:Copy the root certificate to the replication server

Copy PrimaryTestCert.cer \\Win8Black\c$\MakeCert\

Step 2.

Server2 (Win8Black) – Replication Server

Open a CMD as Admin

CD C:\MakeCert\

makecert -pe -n "CN=RecoveryTestRootCA" -ss root -sr LocalMachine -sky signature -r "RecoveryTestRootCA.cer"

makecert -pe -n "CN=Win8Black.Test.Lab" -ss my -sr LocalMachine -sky exchange -eku 1.3.6.1.5.5.7.3.1,1.3.6.1.5.5.7.3.2 -in "RecoveryTestRootCA" -is root -ir LocalMachine -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12 RecoveryTestCert.cer

reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization\FailoverReplication" /v DisableCertRevocationCheck /d 1 /t REG_DWORD /f

reg add "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Virtualization\Replication" /v DisableCertRevocationCheck /d 1 /t REG_DWORD /f

:Copy the root certificate to the replication server

Copy RecoveryTestRootCA.cer \\Win8Acer\c$\MakeCert\

: Import Root Certificate of the Primary CA - Server 1 (copied in previous step)

certutil -addstore -f Root "PrimaryTestRootCA.cer"

Step 3.

Server1 (Win8Acer) – Primary Server

Open a CMD as Admin

: Change locatation to my temp directory where MakeCert.Exe is stored

CD C:\MakeCert\

: Import Root Certificate of the Recovery CA - Server 2 (copied in previous step)

certutil -addstore -f Root " RecoveryTestRootCA.cer "

Step 4.

On both servers:

Following the Hyper-V Guild configure Hyper-V to use the ROOT CERTIFICATE (Server1 = PrimaryTestRootCA.cer, Server 2 = RecoveryTestRootCA.cer) when configuring the certificate used for the replication service and when you do each replication wizard for the individual vm.

2 Comments |

24 References |

View Printer Friendly Version

Email Article to Friend

References (24)

References allow you to track sources for this article, as well as articles that were written in response to this article.

Response: genomma labs

at genomma labs on August 21, 2012

(Still) Heavy on the Technical - Journal - Windows 8 Server Beta - Hyper-V Replication in Workgroup Mode (using Certificates) - (Error 0x00002f89)
Response: structured settlement annuity

at structured settlement annuity on February 12, 2014

Does anyone know where I can start a free website?
Response: affiliate marketing

at affiliate marketing on February 21, 2014

I have a wordpress blog now, but I can't figure out how to get readers into there! I have been using myspace and it's been great, subscriptions like crazy, but a lot of them don't have wordpress...so no leads there. Besides, I am posting the same info to both, so it's ...
Response: flea and tick

at flea and tick on February 22, 2014

I've been looking for blogs where blogger covers penis enlargement or at least delves into the topic of penis enlargement with an independent and serious voice. What are the leading blogs of this type?.
Response: pay per click

at pay per click on February 22, 2014

I know that there are probably millions of bloggers out there. I also know that there a small percentage of them make money from blogging. Does anyone out there do this, (make money from blogging) and how do they do it?.
Response: affordable seo solutions

at affordable seo solutions on February 24, 2014

I have one computer running Vista which is connected to the internet and I want to be able to get the internet on my second computer (that's got XP) which is connected via a crossover cable. What do I need to set to be able to surf the net on my ...
Response: winding up order

at winding up order on February 25, 2014

I understand how to use Banners in Joomla, but the banners are not displaying. How do I choose where the banners show up? I see no option for that. Its published..
Response: life insurance policies

at life insurance policies on February 25, 2014

For wordpress there is the wphone which works great for simple themes, how about joomla? any way of updating a joomla website via mobile?.
Response: http://acmlive.info

at http://acmlive.info on February 25, 2014

I want to make my own website to sell things but I have no idea where to start.. I don't no what websites to go on, or how much it will be (or if there's any way i can do it for free?). Can someone give me as much information as ...
Response: seo services india

at seo services india on February 26, 2014

Why do copyright holders only allow people from certain countries to view their content?
Response: best psychic readings

at best psychic readings on March 2, 2014

Presumably the magazine doesn't do deals with each source that it reproduces, so how does copyright law allow them to re-print editorial content that they don't own without paying royalties?. . Also, can this law be applied internationally?.
Response: credit fraud prank

at credit fraud prank on March 6, 2014

What is a blogging site where people give a lot of quick feedback?
Response: solar shingles

at solar shingles on March 7, 2014

How can I insert a tag cloud into my blog @ blogspot?
Response: discount pet meds

at discount pet meds on March 11, 2014

How can I be sure that my Blogspot account was deleted?
Response: structured settlement loan companies

at structured settlement loan companies on March 13, 2014

How come my computer does not register the other computers in the network?
Response: Miami SEO

at Miami SEO on March 15, 2014

can any post on a personal blog (with disclaimer that it is his personal view) be used by any brand for filing a case against an individual for 'brand tarnishing' etc?.
Response: longer penis

at longer penis on May 19, 2014

(Still) Heavy on the Technical - Journal - Windows 8 Server Beta - Hyper-V Replication in Workgroup Mode (using Certificates) - (Error 0x00002f89)
Response: Guy Hayenga

at Guy Hayenga on June 12, 2014

(Still) Heavy on the Technical - Journal - Windows 8 Server Beta - Hyper-V Replication in Workgroup Mode (using Certificates) - (Error 0x00002f89)
Response: Mdhuset

at Mdhuset on June 12, 2014

(Still) Heavy on the Technical - Journal - Windows 8 Server Beta - Hyper-V Replication in Workgroup Mode (using Certificates) - (Error 0x00002f89)
Response: affiliate marketing programs amazon

at affiliate marketing programs amazon on June 20, 2014

(Still) Heavy on the Technical - Journal - Windows 8 Server Beta - Hyper-V Replication in Workgroup Mode (using Certificates) - (Error 0x00002f89)
Response: paula trang vietnam

at paula trang vietnam on August 2, 2014

(Still) Heavy on the Technical - Journal - Windows 8 Server Beta - Hyper-V Replication in Workgroup Mode (using Certificates) - (Error 0x00002f89)
Response: môi trường và các nhân tố sinh thái

at môi trường và các nhân tố sinh thái on September 18, 2014

(Still) Heavy on the Technical - Journal - Windows 8 Server Beta - Hyper-V Replication in Workgroup Mode (using Certificates) - (Error 0x00002f89)
Response: Wrinkless Cream

at Wrinkless Cream on September 19, 2014

(Still) Heavy on the Technical - Journal - Windows 8 Server Beta - Hyper-V Replication in Workgroup Mode (using Certificates) - (Error 0x00002f89)
Response: email reading

at email reading on October 4, 2014

(Still) Heavy on the Technical - Journal - Windows 8 Server Beta - Hyper-V Replication in Workgroup Mode (using Certificates) - (Error 0x00002f89)

Reader Comments (2)

Honey Badger don't care...

April 17, 2012 |

Honey Badger

I just aktivated Replication between two of our Workgroup Hyper-V Servers with this Guide - worked like a charm !!

May 6, 2013 |

Florian

Post a New Comment

Enter your information below to add a new comment.

My response is on my own website »

Author:

Author Email (optional):

Author URL (optional):

Post:

↓ | ↑

Some HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>