When you configure Claims Based Authentication in the Microsoft Dynamics CRM 2011 Deployment Manager and a certificate is selected that has a name longer than 128 characters, you receive the following error:
Exception creating Certificate, Name=(CN long_certificate_name :Exceeded column length: Column Name)
There is a limit of 128 characters that a certificate name can have if it is the certificate being selected during the Claims Authentication Wizard.
This limit was extended as part of Update Rollup 4 and will be available in that rollup or later. The limit is now at 512 characters. The latest update rollup can be found through the link below.
Select a certificate that has a name less than 128 characters.
Note A self-signed certificate can be used for this process. This is only used for encrypting claims between the Microsoft Dynamics CRM server and the ADFS server. The certificate does not need to be bound to the Microsoft Dynamics CRM website. The certificate only needs to reside in Server Certificates in Internet Information Services (IIS).
Create a Self Signed certificate in Internet Information Services (IIS) Manager:
a. On the CRM server you are configuring Claims authentication, open up Internet Information Services (IIS) Manager
b. In the Connections pane, click SERVER.
c. In Features View, click Server Certificates.
d. In the Actions pane, click Open Feature.
e. In the Server Certificates Actions pane, click Create Self-Signed Certificate.
f. When you are prompted Specify Friendly Name, type CRMADFSCertificate, and then click OK.
g. When you configure claims, select the CRMADFSCertificate when you are prompted for the certifcate.
The error in the Platform trace is:
Crm Exception: Message: Exceeded column length: Column Name, ErrorCode: -2147220970
[2010-11-04 20:17:36.256] Process: mmc |Organization:00000000-0000-0000-0000-000000000000 |Thread: 3(SnapIn/Main-thread.) |Category: Platform.Sql |User: 00000000-0000-0000-0000-000000000000 |Level: Error | CrmCertificateService.Create