
Service Fabric on premises Secure cluster using third party CA certificate


I would like to post the problem I faced while creating a 3 node On Premises Fabric Service secure cluster by using a 3rd party certificate.

On the same cluster I had successfully created a non-secure Fabric service cluster, and the test result with the secure .json file shows pass on all the tests.

But when I issued the command

.\CreateServiceFabricCluster.ps1 -ClusterConfigFilePath .\ClusterConfig.json -AcceptEULA

it shows the following error.

System.Fabric.FabricDeployer.ClusterManifestValidationException: Cluster manifest validation failed with exception System.ArgumentException: Certificate: thumbprint string ?13 6a d8 1e 11 57 71 e9 d7 5x f8 5x 18 3b 38 21 58 9f ff ec contains invalid HEX digit, [0] = 0x200e

I scrambled the thumbprint here for security reasons. I also tried to use the thumbprint without spaces in the clusterconfig.json file, which is copied while importing the certificate through PowerShell, but the result remains the same: "contains invalid HEX digit".

I followed this MS article for securing the Fabric Service Cluster.

I exported the certificate from a working IIS https website in .pfx format with the private key, imported it through a PS script, and also assigned the Network Service user access through a PS script.

Traces in the deployment logs show nothing except the failed installation attempt on three nodes.

Kindly assist me in resolving this issue; it is the main show stopper for the deployment of the cluster in the production environment.


Solution

  • Please use a hex editor such as HxD to inspect your config. There is an invalid hidden character included in the thumbprint field of the Windows certificate properties UI, and if you copied this it will fail validation.
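
The same check can be done from PowerShell instead of a hex editor. The following is an added example, not part of the original answer: the function name `Find-ThumbprintDefects`, the regex that matches any property whose name contains "Thumbprint", and the sample JSON are assumptions made for illustration. It reports each non-hex character with its index and code point, in the same form as the validator's `[0] = 0x200e` message (U+200E is the invisible LEFT-TO-RIGHT MARK), and shows the value with those characters stripped.

```powershell
# Added example: locate hidden or non-hex characters in thumbprint values.
# To check a real file, load it as text first (assumed path):
#   $text = Get-Content -Raw -Encoding UTF8 .\ClusterConfig.json

function Find-ThumbprintDefects {
    param([Parameter(Mandatory)][string]$JsonText)

    # Assumption: thumbprints are string values of properties whose
    # name contains "Thumbprint".
    $pattern = '"(?<name>[^"]*Thumbprint[^"]*)"\s*:\s*"(?<value>[^"]*)"'

    foreach ($m in [regex]::Matches($JsonText, $pattern)) {
        $value = $m.Groups['value'].Value

        # Collect every character that is not a hex digit, with its position.
        $bad = for ($i = 0; $i -lt $value.Length; $i++) {
            $c = $value[$i]
            if ([string]$c -notmatch '^[0-9A-Fa-f]$') {
                '[{0}] = 0x{1:x4}' -f $i, ([int]$c)
            }
        }

        $cleaned = ($value -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()

        [pscustomobject]@{
            Property   = $m.Groups['name'].Value
            RawLength  = $value.Length
            Invalid    = @($bad)
            Cleaned    = $cleaned
            # A SHA-1 certificate thumbprint is 40 hex digits.
            LengthOk   = ($cleaned.Length -eq 40)
        }
    }
}

# Constructed sample: a made-up 40-digit thumbprint with U+200E pasted in
# front of it, as happens when copying from the certificate properties UI.
$lrm    = [char]0x200E
$sample = '{ "Thumbprint": "' + $lrm + '00112233445566778899AABBCCDDEEFF00112233" }'

Find-ThumbprintDefects -JsonText $sample | Format-List
```

A `RawLength` of 41 for a value that looks like 40 digits on screen is the quickest sign that an invisible character was pasted along with the thumbprint.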