on 12-06-2013 11:17 AM
Hi,
im using Afaria single server setup with relay server in dmz. Only port 443 is open from afaria srv to relay, adn from relay to internet. On relay srv i have go daddy cert, same cert is imported in afaria server personal store. Communication from afaria to relay is going over https, port 443, and for that communication i am using self signed cert.
Im reciveing following error when im enrolling Android or IOS devices:
1. Enrollment fail on andorid device
2. Invalid Enrolmet code on IOS device
Device are passing relay server and in iis log on Afaria server i have same error for both devices.:
::1 GET /aips/aipService.svc/GetEnrollmentSeedData ID=%7Ba34befa3-3e7a-4a55-a7c6-a233ac719e21%7D&ClientType=-10 443 - ::1 Afaria+Android+Client 500 0 64 9
::1 GET /aips/aipService.svc/GetEnrollmentSeedData ID=%7Be0cd57e4-d414-4770-bc7e-36980a13ff55%7D&ClientType=-8 443 - ::1 Afaria+iPhone+Client 500 0 64 8
Same moment the following error is showing in windows event log :
Log Name: System
Source: Schannel
Date: 12/6/2013 11:40:34 AM
Event ID: 36888
Task Category: None
Level: Error
Keywords:
User: SYSTEM
Computer: SrvMdMAfaria.mydomain.com
Description:
The following fatal alert was generated: 20. The internal error state is 960.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Schannel" Guid="{1F678132-5938-4686-9FDC-C8FF68F15C85}" />
<EventID>36888</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated SystemTime="2013-12-06T10:40:34.520082100Z" />
<EventRecordID>8956</EventRecordID>
<Correlation />
<Execution ProcessID="528" ThreadID="572" />
<Channel>System</Channel>
<Computer>SrvMdMAfaria.mydomain.com</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="AlertDesc">20</Data>
<Data Name="ErrorState">960</Data>
</EventData>
</Event>
In Browser on Afaria server if i go to https://127.0.0.1/ /aips/aipService.svc/GetEnrollmentSeedData ID=%7Be0cd57e4-d414-4770-bc7e-36980a13ff55%7D&ClientType=-8
i receive following error (picture):
Any advice?
Thanks,
Vuk
Hi,
Can you provide more details .
Please try below step
1.For Afaria 7 sp4 you need to install vcredist_x64 and vcredist_x86 Microsoft visual c++ 2012 redistrubute and .NEt 4.5 . you can get the setup file in the afaria setup folder (Redistributables).
2. Please mention the https = 1 and certificate parameter in outbound enabler
3. Also allow the define the https port in rs.config of relay server.
Please try and revert back .
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi,
1. I install vcredisrx64 and vcredist_x86, and .net 4.5, i could not install sp4 with out it.
2. U can check my rsoe config is attached
3. rs config is attached to
I input cert in rsoe_aips.config, and am geting same error. when enrolling device.
Check rsoe_aips_log.txt and look for ffffffffffffffffff. Its short log from like 1 min connection, i get ffff on in rsoe_log to
Thanks in advance
Vuk
your test url should be:
notice the missing space between ip-address and "aips" and also the ? between SeedData and ID...
You can get more help in solving the SChannel error 36888 here:
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
95 | |
11 | |
11 | |
10 | |
9 | |
8 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.