I was working on worker dual write map to integrate bookable resources from CE to F&O using dual write. While performing initial sync I got an error “Authentication failed with error Exception Message Failed to get token from AAD by certificate”

The detailed error is as shown below.

Unable to write data to entity msdyn_partyelectronicaddresses.Authentication failed with error Exception Message Failed to get token from AAD by certificate..Failed to authenticate for https://hsmbosdev.crm.dynamics.com/api/data/v9.0/msdyn_partyelectronicaddressesUnable to get access token for https://hsmbosdev.crm.dynamics.com/api/data/v9.0/msdyn_partyelectronicaddresses Activity ID for troubleshooting {627BE475-4ED8-0002-C775-7C62D84ED801}.

First, I thought there might be something wrong the way I am doing this but after doing some research I found the yammer thread which has resolution for this issue.

This issue happens in tier 1 environments which are after 10.0.23 update. To fix the issue perform following steps –

  1. Log on to cloud hosted environment with the remote desktop client.
  2. Locate and open K:\AosService\WebRoot\bin\Batch.exe.config (If there’s no K drive on your box, just try to find the hard drive where AosService is located)
  3. Search for <runtime> …. <gcServer enabled=”true”> <gcConcurrent enabled=”true”> <AppContextSwitchOverrides value=”Switch.System.IO.Compression…”> </runtime>
  4. And change AppContextSwitchOverrides to <AppContextSwitchOverrides value=”Switch.System.IO.Compression.ZipFile.UseBackslash=false;Switch.System.IdentityModel.DisableCngCertificates=true” />

Open Services on your tier 1 enviornment and restart Batch Management Service. Stop and start your map and perform initial sync again.