Using Xconnect Without Certificates When You Really Want to Live on the Edge!

Sometimes you don't have time to deal with problems and you've just gotta have a running instance of Sitecore. Today we had some certificate issues with xConnect that appeared out of nowhere, so after some time troubleshooting I decided to remove the requirement, since we've already locked down network access to it. Temporary and non-Production, and in other words, nail meet hammer.

I won't go in to how or why my certificates were no longer valid, but needless to say that's a posting for the near future and it wasn't the best of moods coming out of yours truly. I was out of time, needing to get a Dev instance running for the team, so here we go. 

In dev.xconnect\App_Data\Config\Sitecore\CoreServices you'll find the following two files. Removing or disabling these will allow you to connect to xConnect without SSL. 

  • App_Data\Config\sitecore\CoreServices\sc.XConnect.Security.EnforceSSL.xml
  • App_Data\Config\sitecore\CoreServices\sc.XConnect.Security.EnforceSSLWithCertificateValidation.xml

Once completed you'll just have to update your connectionstrings.config to not use https for xConnect. You can leave the thumbprints there since those lines will be needed when all is fixed.

Obviously not advised, and should be fixed up ASAP, but in a protected, non-production environment it's something that can be used to get things running once more.