cancel
Showing results for 
Search instead for 
Did you mean: 

Unable to connect message on iOS

former_member686053
Active Participant
0 Kudos

Hi,

After hard processes I achive to enroll and load profile on my iOS device.

After enroll and load profile, I see a popup on Afaria screen "Unable to connect"

Maybe thats why, I cant install enterprise apps.

Cant see the problem on forum.

have u an idea?

In IPCU logs I see some warning about that. Here is log:

########################################################################################################

Jan 29 09:45:35 ferudunatakan-iPadi Afaria[2155] <Warning>: [HomeViewController doGeneralRefresh:]

Jan 29 09:45:35 ferudunatakan-iPadi Afaria[2155] <Warning>: doAppListRefresh

Jan 29 09:45:35 ferudunatakan-iPadi Afaria[2155] <Warning>: doAppListRefreshNoPurge

Jan 29 09:45:35 ferudunatakan-iPadi Afaria[2155] <Warning>: UIDevice.getUDID > b36808e63660495c3c93c6fd55ac4f22e21bc666

Jan 29 09:45:35 ferudunatakan-iPadi Afaria[2155] <Warning>: AppListViewControllerProtocol protocol -> resetImageDownloads

Jan 29 09:45:36 ferudunatakan-iPadi Afaria[2155] <Warning>: UIDevice.getUDID > b36808e63660495c3c93c6fd55ac4f22e21bc666

Jan 29 09:45:36 ferudunatakan-iPadi Afaria[2155] <Warning>: [AfariaAppDelegate.updateAppListRefreshTime: (null)]

Jan 29 09:45:36 ferudunatakan-iPadi Afaria[2155] <Warning>: [AfariaAppDelegate.updateAppListRefreshTime: 2015-01-29 07:45:36 +0000]

Jan 29 09:45:36 ferudunatakan-iPadi Afaria[2155] <Warning>: doAppListRefreshNoPurge: main thread - calling loadAppList

Jan 29 09:45:36 ferudunatakan-iPadi Afaria[2155] <Warning>: UIDevice.getUDID > b36808e63660495c3c93c6fd55ac4f22e21bc666

Jan 29 09:45:36 ferudunatakan-iPadi Afaria[2155] <Warning>: AppListViewControllerProtocol protocol -> appListLoadStarted

Jan 29 09:45:36 ferudunatakan-iPadi Afaria[2155] <Warning>: loadAppListForServer:"https://ars.yasar.com.tr:5007/ias_relay_server/client/rs_client.dll/ps-afaria/ps/ps.svc" "https://ars.yasar.com.tr:5007/ias_relay_server/client/rs_client.dll/ps-afaria/ps2/ps.svc" client:b36808e63660495c3c93c6fd55ac4f22e21bc666

Jan 29 09:45:36 ferudunatakan-iPadi Afaria[2155] <Warning>: - url = "https://ars.yasar.com.tr:5007/ias_relay_server/client/rs_client.dll/ps-afaria/ps/ps.svc/packages/b36..."

Jan 29 09:45:36 ferudunatakan-iPadi Afaria[2155] <Warning>: [UserIdentityCert.prepareToUseCertAuthentication] user identity cert. invalid CN: (null).

Jan 29 09:45:36 ferudunatakan-iPadi Afaria[2155] <Warning>: [AfariaAppDelegate netUser:0x2 busy:1]

Jan 29 09:45:38 ferudunatakan-iPadi CommCenter[43] <Notice>: com.apple.CommCenter.Prox - Declared system activity to prevent sleep

Jan 29 09:45:38 ferudunatakan-iPadi Afaria[2155] <Warning>: CFNetwork SSLHandshake failed (-9800)

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: CFNetwork SSLHandshake failed (-9800)

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: CFNetwork SSLHandshake failed (-9800)

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: NSURLConnection/CFURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9800)

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: connection:didFailWithError:

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: [AfariaAppDelegate netUser:0x2 busy:0]

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: Connection failed: Error - An SSL error has occurred and a secure connection to the server cannot be made. https://ars.yasar.com.tr:5007/ias_relay_server/client/rs_client.dll/ps-afaria/ps/ps.svc/packages/b36...

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: doRequestConnect:

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: Reachability Flag Status: WR t----l- networkStatusForFlags

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: [[[AfariaAppDelegate doRequestConnect: doConnect]

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: [AipsController doConnect:]

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: [AfariaAppDelegate.isClientDisabled 0]

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: [AfariaAppDelegate.isClientDisabled 0]

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: [AipsController.doConnect - resetenrollment_preference NO]

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: [AipsController cancelPost]

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: Posting inventory

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: [AipsController setStatusLine:"Verifying device status..."]

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: [AfariaAppDelegate netUser:0x1 busy:0]

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: [AfariaAppDelegate netUser:0x1 busy:1]

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: UIDevice.getUDID > b36808e63660495c3c93c6fd55ac4f22e21bc666

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: [KeychainWrapper init]

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: [KeychainWrapper dealloc]

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: postToURL:"http://ars.yasar.com.tr:5007/ias_relay_server/client/rs_client.dll/es-afaria/aips/aipService.svc/Cli..."

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: [UserIdentityCert.prepareToUseCertAuthentication] user identity cert. invalid CN: (null).

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: [KeychainWrapper init]

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: [KeychainWrapper dealloc]

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: UIDevice.getUDID > b36808e63660495c3c93c6fd55ac4f22e21bc666

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: [KeychainWrapper init]

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: [KeychainWrapper dealloc]

Jan 29 09:45:39ferudunatakan-iPadi Afaria[2155] <Warning>: startPost

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: AppListViewControllerProtocol protocol -> appListDidFailToLoad

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: doSearch

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: [AfariaAppDelegate issueAppListDidFailToLoadAlert]

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: [DataSender connection:didReceiveResponse:]

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: httpResponse.allHeaderField Dictionary: {

"Cache-Control" = private;

"Content-Length" = 361;

"Content-Type" = "text/xml";

Date = "Thu, 29 Jan 2015 07:45:16 GMT";

Server = "Microsoft-IIS/7.5, Microsoft-IIS/7.5";

"X-AspNet-Version" = "4.0.30319";

"X-Powered-By" = "ASP.NET, ASP.NET";

}

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: connection:didReceiveResponse: http 200

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: [DataSender connection:didReceiveData:]

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: [DataSender connectionDidFinishLoading:]

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: HTTP code: 200, Received 361 bytes of data

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: [AipsController updateLastConnection]

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: [AipsController setStatusLine:"Verification complete"]

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: [AfariaAppDelegate netUser:0x1 busy:0]

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: [DataSender processResponse]

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: [KeychainWrapper init]

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: parser:didStartElement:root

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: parser:didStartElement:ClientSeedInfo

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: parser:didStartElement:PackageServerAddress

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: parser:didEndElement:PackageServerAddress

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: parser:didStartElement:PackageServerVirtDir

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: parser:didEndElement:PackageServerVirtDir

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: parser:didStartElement:PackageServerAuthVirtDir

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: parser:didEndElement:PackageServerAuthVirtDir

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: parser:didStartElement:DeviceUDID

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: parser:didEndElement:DeviceUDID

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: parser:didEndElement:ClientSeedInfo

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: parser:didStartElement:TEMSettings

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: parser:didEndElement:TEMSettings

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: parser:didEndElement:root

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: didParsePackageServerAddress:"https://ars.yasar.com.tr:5007/ias_relay_server/client/rs_client.dll/ps-afaria" virtDir:"ps" authVirtDir:"ps2" UDID:"b36808e63660495c3c93c6fd55ac4f22e21bc666" WiFiMAC:"(null)"

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: [KeychainWrapper dealloc]

Jan 29 09:45:39 ferudunatakan-iPadi Afaria[2155] <Warning>: >>> UIDevice.setUDID > b36808e63660495c3c93c6fd55ac4f22e21bc666 initial value.<<<

Jan 29 09:45:40 ferudunatakan-iPadi Afaria[2155] <Warning>: [HomeViewController doInitialRefresh:]

Jan 29 09:45:40 ferudunatakan-iPadi Afaria[2155] <Warning>: doAppListRefresh

Jan 29 09:45:40 ferudunatakan-iPadi Afaria[2155] <Warning>: doAppListRefreshNoPurge

Jan 29 09:45:40 ferudunatakan-iPadi Afaria[2155] <Warning>: UIDevice.getUDID > b36808e63660495c3c93c6fd55ac4f22e21bc666

Jan 29 09:45:40 ferudunatakan-iPadi Afaria[2155] <Warning>:NitroDesk URL = http://ars.yasar.com.tr:5007/ias_relay_server/client/rs_client.dll/es-afaria/aips/aipService.svc/Get...

Jan 29 09:45:40 ferudunatakan-iPadi Afaria[2155] <Warning>: [AfariaAppDelegate netUser:0x10 busy:0]

Jan 29 09:45:40 ferudunatakan-iPadi Afaria[2155] <Warning>: [AfariaAppDelegate netUser:0x1000 busy:1]

Jan 29 09:45:40 ferudunatakan-iPadi Afaria[2155] <Warning>: handlePackageServerInfo:

Jan 29 09:45:40 ferudunatakan-iPadi Afaria[2155] <Warning>: handlePackageServerInfo: address="https://ars.yasar.com.tr:5007/ias_relay_server/client/rs_client.dll/ps-afaria" virtDir="ps" authVirtDir="ps2"

Jan 29 09:45:40 ferudunatakan-iPadi Afaria[2155] <Warning>: seedPS: ConnectionParams server="ars.yasar.com.tr" port="5007" protocol="https" farmID="ps-afaria" urlPrefix="/ias_relay_server/client/rs_client.dll/%cid%" virtualDirectory="ps"  authVirtualDirectory="ps2"

Jan 29 09:45:40 ferudunatakan-iPadi Afaria[2155] <Warning>: NitroDesk didRecieveData

Jan 29 09:45:40 ferudunatakan-iPadi Afaria[2155] <Warning>: NitroDeskDownloader.connectionDidFinishLoading start.

Jan 29 09:45:40 ferudunatakan-iPadi Afaria[2155] <Warning>: [AfariaAppDelegate netUser:0x1000 busy:0]

Jan 29 09:45:40 ferudunatakan-iPadi Afaria[2155] <Warning>: nitro desk xml <NitroDesk>

Jan 29 09:45:40 ferudunatakan-iPadi Afaria[2155] <Warning>: NitroDeskXML didStartDocument

Jan 29 09:45:40 ferudunatakan-iPadi Afaria[2155] <Warning>: NitroDeskXML didStartElement: NitroDesk

Jan 29 09:45:40 ferudunatakan-iPadi Afaria[2155] <Warning>: NitroDesk XMLParser error: The operation couldnt be completed. (NSXMLParserErrorDomain error 5.)

Jan 29 09:45:40 ferudunatakan-iPadi Afaria[2155] <Warning>: Failed to parser NitroDeskXML

Jan 29 09:45:40 ferudunatakan-iPadi Afaria[2155] <Warning>: [AipsController NitroDeskDidFailToLoad]

Jan 29 09:45:40 ferudunatakan-iPadi Afaria[2155] <Warning>: [AfariaAppDelegate issueAppListDidFailToLoadAlert2]

Jan 29 09:45:44 ferudunatakan-iPadi Afaria[2155] <Warning>: [AfariaAppDelegate alertView:<AFAlertWrapper: 0x14e186c0; baseClass = UIAlertView; frame = (0 0; 0 0); opaque = NO; layer = <CALayer: 0x14e1d730>> didDismissWithButtonIndex:0]

Jan 29 09:45:44 ferudunatakan-iPadi Afaria[2155] <Warning>: appListDidFailToLoadAlert dismissed with button 0

Jan 29 09:45:53 ferudunatakan-iPadi CommCenter[43] <Notice>: com.apple.CommCenter.Prox - system activity completed

Accepted Solutions (1)

Accepted Solutions (1)

former_member686053
Active Participant
0 Kudos

Which address you get internal server error?

tracy_barkley
Employee
Employee
0 Kudos

That was prior to the  removal of the bindings.  I see we have another thread for a 406 on the package server.   If we have corrected the issue in this thread can you go ahead and mark this answered?

Thanks

Tracy

Answers (7)

Answers (7)

former_member686053
Active Participant
0 Kudos

I remove port 5007 binding on Afaria servers.

I remove port 80  binding on Relay servers.

All RSOE's are up.

former_member686053
Active Participant
0 Kudos

By the way I remove port 80  from binding on Relay Servers' IIS

tracy_barkley
Employee
Employee
0 Kudos

Make sure you removed the binding on both relays and did an iisreset.   I still get the internal server error.

tracy_barkley
Employee
Employee
0 Kudos

Check the IIS on both Afaria servers as well for the double binding.  If it is there it will need to be removed as well.

Tracy

former_member686053
Active Participant
0 Kudos

Perfect. Now can Enroll and load profile.

On device Settings I can see:

Package server : ars.yasar.com.tr and port 443

Enrollment Server: ars.yasar.com.tr and port 443

But

Still Cant deploy Enterprise App and send message even I have custom signed APNS cert

I get  IPH3011: İOS[12025] , IPH3011 : iOS[12024] and IPH6021 errors and Afaria Client shows popup : Unable to Connect.

former_member686053
Active Participant
0 Kudos

How can I get and help to observe ym sistem completely? Should I open a ticket?

tracy_barkley
Employee
Employee
0 Kudos

Tevfik,

You certainly can open an incident with support.  That will allow support to connect to you and your system, if you have set up the Citrix go to assist.  I would recommend getting this set up prior to opening the incident.  Http://service.sap.com/sap/support/notes/2026090 is the article to follow to set this up. 

Tracy

former_member686053
Active Participant
0 Kudos

I dont know what happen, But now cant enroll device!

Really strange. I really ned a clear describe document about certificate, SSL and Afaria things.

I am Security admin specially firewall. But this afaria things make me  feel like inadequate.

I always write here again and again. Realy tiring.

tracy_barkley
Employee
Employee
0 Kudos

Tevfik,

Afaria can be complex to set up.  Have you read the actual Afaria setup documents?  Generally between those and using the support.sap.com website, most common situations can be resolved.

The setup documents are here. SAP Afaria 7 SP5 On Premise – SAP Help Portal Page

Now as for enrollment, if it was all working and just stopped, check your relay logs to see if anything has stopped and needs to be restarted.  Beyond that check your services for Afaria.

As for the certificates, basically what we have here is the SSL cert to secure communications. This is not the signing cert, the APNS cert etc. This is the certificate that basically tells the client it is okay to talk to Afaria.

As I recall you have a public certificate for this.  You will need to make sure that has been installed into the relay server.

In IIS you need to open up the default web site.   Click on ias_relay_server.  Is the port listed under the browse application on the right side 443?  Then click back on default web site. Is the port there the same?   Click bindings on the right side. Select HTTPS.  There is an SSL certificate at the bottom.  You can view it here.  It will show when it expires and the name of the cert.  If you do not have an https under here, hit add, set the port, and then bind the SSL cert you are using to sign the connection.

Please let me know if you have any questions.

former_member686053
Active Participant
0 Kudos

I can bind my signed wildcard certificate for port 443.

And my certificate expires 3/31/2015

but my relay server address is  https://ars.yasar.com.tr:5007

i use 5007 for http.

Is this problem?

former_member686053
Active Participant
0 Kudos

I look at IPCU logs and see

CFNetwork SSLHandshake failed(-9000)

tracy_barkley
Employee
Employee
0 Kudos

Tevfik,

It is fine to use 443 for HTTPS.  The issue is that you have the 5007 Http port in the address for the HTTPS connection.  Can you send me a screenshot of the server > configuration > component > package server page please?  I can get your relay to show me status on Relay Server Status.  It is partial by the way.  One of your OEs isn't currently up.  However I do get an error trying to get your package servers to respond.  It is because you have two HTTP defined in IIS.  On both relay servers,  remove the HTTP with port 80.  If you are going to use 5007, you will only want the one defined.

Tracy

tracy_barkley
Employee
Employee
0 Kudos

And it might help if I linked the HTTPS response from the relay.. Relay Server Status

former_member686053
Active Participant
0 Kudos

Here is package server screenshot

And when I try  with port 443

https://ars.yasar.com.tr:443/ias_relay_server/client/rs_client.dll/

I see Patrial, then Full

But if I try https and port 5007, SSL error

tracy_barkley
Employee
Employee
0 Kudos

Tevfik,

AFARIARELAYPNB is the one showing partial.  Your other one is full and good.  Check the logs on that one.

So first, in IIS in those bindings remove that second HTTP set to 80 and iis reset.

this will fix the error you get when trying to hit the package server from the outside.

https://ars.yasar.com.tr/ias_relay_server/client/rs_client.dll/ps-afaria/ps/ps.svc/help

On the page we screenshotted, (server>configuration> component> packages sever. Just change the server address to ars.yasar.com.tr  

No port needed since you are using the default 443 for HTTPS. Then reenroll the device and make sure the address the device displays is https://ars.yasar.com.tr/ ...

former_member686053
Active Participant
0 Kudos

where I have to look at?  Relay or Afaria server to check certificates?

tracy_barkley
Employee
Employee
0 Kudos

Tevfik,

This would be on the Relay server.  Check the Certificate store and ensure your SSL cert that is bound to the IIS virtual directory for your relay (ias_relay_server) is not expired.  Also in the IIS, make sure it is attached to the website itself and is on your HTTPS port.

As Andreas mentioned you cannot browse to https://ars.yasar.com.tr:5007/ias_relay_server/client/rs_client.dll/ but you can to http://ars.yasar.com.tr:5007/ias_relay_server/client/rs_client.dll/

This means it is just an SSL issue out on the relay. 

andreas_kuhn
Advisor
Advisor
0 Kudos

Hello,

i tried to browse to https://ars.yasar.com.tr:5007/ias_relay_server/client/rs_client.dll/ which should show your Relay Server Overview, but i got ssl_error_rx_record_too_long.

So it seems you have a Problem with either your root certificate or the ssl binding at your relay server.

The common problem is your ssl certifcate has expired.

Regards

Andreas