Error with Azure service SSL in Development Fabric - azure

I'm running into a problem with getting SSL to work in the Development Fabric. I'm running a clean install of Windows 8 Pro with Visual Studio 2012 Ultimate and the October 2012 Azure SDK for .NET. IIS8 is not installed, only IIS Express, which claims to support HTTPS so I'm hoping that's not the issue.
Running VS 12 as administrator, I've created a blank VS solution, added a new (.NET 4.5) cloud service with a new ASP.NET MVC 4 Internet web application project, and hit F5. Everything works fine. Then, when I add an SSL certificate to the web role and replace the HTTP endpoint (port 80) with an HTTPS endpoint (port 443, with the certificate), hitting F5 produces the following error message:
Windows Azure Tools for Microsoft Visual Studio
There was an error attaching the debugger to the role instance 'deployment18(32).WindowsAzureCloudService.Mvc4WebRole_IN_0' with Process Id: 4892'. Unable to attach. Access is denied.
Note, the last part ("Access is denied") comes in a few variations, a particularly pleasant one being "Catastrophic failure". :)
The only message in the VS Output window ('General' output) is:
Windows Azure Tools: Warning: Remapping private port 443 to 444 in role 'Mvc4WebRole' to avoid conflict during emulation.
The Compute Emulator UI is not much help; just before the instance disappears, this is the only console output that I get consistently (sometimes other messages appear, but sporadically every few runs; I'm not sure how to capture these):
[fabric] Role Instance: deployment18(33).WindowsAzureCloudService.Mvc4WebRole.0
[fabric] Role state Unknown
[fabric] Role state Suspended
[fabric] Role state Busy
[fabric] Role state Unhealthy
[fabric] Role state Stopped
The certificate was obtained from a CA and properly imported into the Local Machine/Personal/Certificates store as a .pfx with private key, extended properties, and marked as exportable, for what it's worth.
When I attempt to publish the service to Azure, I get one build (validation) warning about the database connection string (which I assume is irrelevant):
The connection string 'DefaultConnection' is using a local database '(LocalDb)\v11.0' in project 'Mvc4WebRole'. This connection string will not work when you run this application in Windows Azure. To access a different database, you should update the connection string in the web.config file.
Probably more important, the deployment actually fails with the following history in the Windows Azure Activity Log window:
9:00:25 AM - Warning: There are package validation warnings.
9:00:25 AM - Preparing deployment for WindowsAzureCloudService - 1/3/2013 8:59:55 AM with Subscription ID '<...>' using Service Management URL 'https://management.core.windows.net/'...
9:00:25 AM - Connecting...
9:00:26 AM - Object reference not set to an instance of an object.
9:00:26 AM - Deployment failed with a fatal error
Can someone help me troubleshoot this issue? I've rebooted a few times. ;)
Thanks in advance!
EDIT (Jan. 3, 4:44 PM): I have a few ideas that might help me make progress, but some are pretty drastic so any advice would be appreciated:
Is there a way to capture all the output from the Compute Emulator (Dev Fabric) to a log file so I can review it? (System.Diagnostic.Trace calls from my service won't help, since I don't even get as far as the RoleEntryPoint when using HTTPS!) I figured this out; see next edit.
That null pointer exception during the Azure deployment has me worried. Is it worthwhile to try reinstalling the Azure SDK, and if so, how should I go about doing a clean install of it?
Has anyone seen a problem of this sort disappear when switching to using full IIS for the emulator? (That seems unlikely since IIS vs. IIS Express should have no relevance to the Azure deployment.)
EDIT (Jan. 4, 10:15 AM): Bad news: I tried the suggestion to grant Read access to the certificates, but it didn't help in my case. Good news: I managed to capture one of those sporadic messages in the Compute Emulator UI before it shut down; it was a bit of info from some diagnostics. Not helpful in and of itself, but it revealed where the Development Fabric was storing its temporary files:
[Diagnostics] Information: C:\Users\Lars\AppData\Local\dftmp\Resources\0005155d-4592-40f4-812e-18793b26576c\directory\DiagnosticStore\Monitor
The GUID portion gets recreated for every deployment, and it is deleted when the deployment goes away (as it always does in my case). But in the parent directory ('dftmp'), there are a few helpful directories that I then monitored during a new deployment: DevFCLogs, DFAgentLogs, and IISConfiguratorLogs. I guess that answers the first question I had yesterday! :)
DFAgentLogs\DFAgent.log: (41KB) No useful information. A bunch of "Failure to read pipe" messages and failures to get the role/deployment instance ID, which I assume are just noise.
DevFCLogs\DevFabric--2013.01.04--<...>.log: (510 KB) No useful information. I skimmed the file and also searched for 'error', 'failure', 'not found', 'certificate', and 'Mvc4WebRole_IN_0'; none of those showed any hints of what was going on.
IISConfiguratorLogs\IISConfigurator.log: (6 KB) Now we're making progress!! :) Can someone tell me what this means? (In the meantime, I'm off ILSpy-hunting... fun fun...)
IISConfigurator Information: 0 : [00006356:00000005, 2013/01/04 16:07:08.915] Using IIS Express appdomain
(...)
IISConfigurator Information: 0 : [00006356:00000005, 2013/01/04 16:07:08.936] Adding binding 127.255.0.0:444: to site deployment18(40).WindowsAzureCloudService.Mvc4WebRole_IN_0_Web
IISConfigurator Information: 0 : [00006356:00000005, 2013/01/04 16:07:10.484] Caught exception
IISConfigurator Information: 0 : [00006356:00000005, 2013/01/04 16:07:10.487] Exception:System.Runtime.InteropServices.COMException (0x800401F3): Invalid class string (Exception from HRESULT: 0x800401F3 (CO_E_CLASSSTRING))
Server stack trace:
at Microsoft.Web.Administration.Interop.IAppHostProperty.get_Value()
at Microsoft.Web.Administration.ConfigurationElement.GetPropertyValue(IAppHostProperty property)
at Microsoft.Web.Administration.Binding.get_CertificateHash()
at Microsoft.Web.Administration.BindingCollection.Add(Binding binding)
at Microsoft.WindowsAzure.ServiceRuntime.IISConfigurator.WasManager.DeploySite(String roleId, WASite roleSite, String appPoolName, String sitePath, String iisLogsRootFolder, String failedRequestLogsRootFolder, List1 bindings, List1 protocols, FileManager fileManager, WAAppPool defaultAppPoolSettings, String roleGuid, String& appPoolSid, List`1 appPoolsAdded, String configPath)
EDIT (Jan. 4, 11 AM): ILSpy wasn't much help; the exception is being thrown at an interop point (we knew that already) while trying to get the hash of a certificate in order to set up the binding (we knew that too). Does anyone know what COM object would need to be registered in order to get a certificate hash for a binding in Microsoft.Web.Administration? Or how I could intercept the interop call to find out? Bonus points if you can tell me why this is happening in the first place. :)

I've had similar problem on two computers. On both cases installing IIS solved the problem.
It seems to be enough to just install the IIS (via add/remove Windows components). You don't need to start using it. The installation changes something and after that my IIS Express started working again with HTTPS from Visual Studio.
There is a discussion on similar issue on MSDN Social:
http://social.msdn.microsoft.com/Forums/nl-NL/windowsazuredevelopment/thread/ad362016-16f6-459a-8022-9307aa5f910e
And the issue has been also raised on Microsoft connect:
https://connect.microsoft.com/VisualStudio/feedback/details/758533
In my case the error in the log files was:
IISConfigurator Information: 0 : [00007644:00000007, 2013.01.17
00:39:18.523] Exception:System.Runtime.InteropServices.COMException
(0x800401F3): Invalid class string (Exception from HRESULT: 0x800401F3
(CO_E_CLASSSTRING))
I found the log files from C:\Users\\AppData\Local\dftmp\IISConfiguratorLogs directory.

When running locally with a private key cert for SSL, you'll need to give the user the emulator app is running under access to the private key. Open mmc.exe and add the Certificates >> Local Computer Snap-In to view your certificate. Right Click on the certificate, then All Tasks >> Manage Private Keys - then add IUSR and Network Service with at least read access.
For deployment to azure, you'll need to upload the certificate to the Cloud Service and make sure the certificate is valid for the domain.
Follow step 11 from http://www.microsoft.com/en-us/download/details.aspx?id=35448. From this SO post

Related

HTTP Error 500.30 - ANCM In-Process Start Failure with newly created app service

we are created new development environment so I cloned a current working app service into a new one and changed the configurations and deployed same code but the new app service is returning HTTP Error 500.30 - ANCM In-Process Start Failure
after trying the console for more details that's what I get, I don't think its related to runtime identifier because same code runs on different exact app services
The dreaded 500.3x ACNM error can mean different things, so I'm going to assist you in pinpointing those things.
My recommendation:
Go to Azure Portal > Your App Service > development tools
Open console.
Screen should look like this:
Console Screen Azure
Type in (YourWebAppName).exe
What this will do, is show error messages that are relevant to your startup issue.
Also, some information regarding errors can be seen here:
https://learn.microsoft.com/en-us/aspnet/core/test/troubleshoot-azure-iis?view=aspnetcore-3.1#app-startup-errors

Azure Web deployment task failed - There is an unclosed literal string

I created a basic web MVC app in vs 2017 and tried to publish it on Azure.
Tried to use existing app service and created a new as well, but both failed.
Received this error -
Severity Code Description Project File Line Suppression State
Error Web deployment task failed. ((20-Jun-19 12:40:32 PM) An error occurred when the request was processed on the remote computer.)
(20-Jun-19 12:40:32 PM) An error occurred when the request was processed on the remote computer.
There is an unclosed literal string. Line 1, position 70.
at System.Xml.XmlTextReaderImpl.Throw(Exception e)
at System.Xml.XmlTextReaderImpl.Throw(String res, String arg)
at System.Xml.XmlTextReaderImpl.ParseAttributeValueSlow(Int32 curPos, Char quoteChar, NodeData attr)
at System.Xml.XmlTextReaderImpl.ParseAttributes()
at System.Xml.XmlTextReaderImpl.ParseElement()
at System.Xml.XmlTextReaderImpl.ParseDocumentContent()
at System.Xml.XmlTextReaderImpl.Read()
at System.Xml.XPath.XPathDocument.LoadFromReader(XmlReader reader, XmlSpace space)
at System.Xml.XPath.XPathDocument..ctor(TextReader textReader)
at Microsoft.Web.Deployment.PackageDeserializer..ctor(Stream stream, DeploymentBaseContext baseContext)
at Microsoft.Web.Deployment.DeploymentAgent.HandleSync(DeploymentAgentAsyncData asyncData, Nullable`1 passId, String user, String siteName) WebApplicationForAzure 0
To start with, kindly check to see if the app works fine locally.
A deployment issue is an issue that causes the wrong set of files to get deployed to your site folder (typically site\wwwroot), or that causes some files not to get deployed at all.
A runtime issue happens when the files in your wwwroot folder are exactly what they should be, but for some reason the site doesn't run correctly.
Make sure site correctly deploys locally for isolating the issue. Are you deploying to staging slots?
Set WEBSITE_WEBDEPLOY_USE_SCM=false in the Application settings from the Azure Portal, re-download the publish profile and then re-try to see if that helps.
Navigate to your problematic app in the Azure Portal.
Go to Configuration settings blade.
Under Application Settings, set WEBSITE_WEBDEPLOY_USE_SCM = false
Ensure that the ‘false’ key is in the value field.
Reset and re-download the publish settings again in VS.
Also, isolate to see if it is due to network proxy or port on your system.

ASP.NET application (always running) shuts down application pool when publishing

I've followed this guide here: Making ASP.NET application always running
However when I publish my web application to IIS 8.5 it shuts down the application pool and my event viewer shows the following message:
There was an error during processing of the managed application service
auto-start for configuration path:
'MACHINE/WEBROOT/APPHOST/mydomain.co.uk/'. The error message returned is:
'An initialization error occurred while trying to preload an application.
Exception: System.InvalidOperationException
Message: Well known object of type 'System.Web.Hosting.PreloadHost' already
exists in this App Domain.
StackTrace: at
System.Web.Hosting.HostingEnvironment.CreateWellKnownObjectInstance(String
assemblyQualifiedName, Boolean failIfExists)
at
System.Web.Hosting.HostingEnvironment.CreateWellKnownObjectInstance(String
assemblyQualifiedName, Boolean failIfExists)
at System.Web.Hosting.ApplicationManager.CreateObjectInternal(String appId,
Type type, IApplicationHost appHost, Boolean failIfExists,
HostingEnvironmentParameters hostingParameters)
at System.Web.Hosting.ProcessHost.PreloadApplicationIfRequired(String appId,
IApplicationHost appHostParameter, HostingEnvironmentParameters
hostingParameters, LockableAppDomainContext ac)
at System.Web.Hosting.ProcessHost.<>c__DisplayClass38_0.
<PreloadApplicationIfNotShuttingdown>b__0(Object o)'. The worker process will
be marked unhealthy and be shutdown. The data field contains the error code.
I can't for the life of me resolve this, or figure out where to start debugging it. If I manually start the application pool afterwards everything works fine -
it's just an annoyance really. Any advice appreciated.
Ahhhh. I've found the solution (well...it worked for me anyhow). And it was down to this great article: https://weblog.west-wind.com/posts/2013/oct/02/use-iis-application-initialization-for-keeping-aspnet-apps-alive
In particular, and what wasn't mentioned in the Hangfire tutorial above, was the need to:
Add the 'Applicaiton Initialization' role. On IIS 8.5 it was in a slightly different place to the linked article. It is in: Web Server (IIS) > Web Server > Application Development > Application Initialization
Also I needed to make sure that the 'Preload Enabled' flag was set, of which it wasn't. For that I highlighted my site in IIS, clicked 'Advanced Settings' in the right-hand panel, and set it there.
I then tried to publish my site again and voila....no HTTP Error 503!
UPDATE
This isn't the solution. The only reason it worked is because I'd attached the debugger (DebugDiag) and that seems to make it work for some reason! As soon as I detached the debugger I get the same error.
The selected answer helped me. If anyone else is having additional trouble, turned out I also didn't have the correct version of .NET installed on my machine; my app targeted 4.7, and the latest I had was 4.5. Once I got that installed, everything worked fine.
I increased the rapid fail protection maximum failures on the app pool to around 20. I'm not sure if this is the best way to solve it though.
IIS Manager
Application Pools
Select app pool
Advanced Settings
Scroll down to Rapid-Fail Protection
Maximum Failures - I changed this to 20
OK

Can't Connect to IIS 7.5 from another 7.5

I am trying to execute this command from a web application on sourceServer:
var mgr = ServerManager.OpenRemote(destServer)
but I receive this error:
UnAuthorized access wth a detail error: "Retrieving the COM class factory for remote component with CLSID {2B72133B-3F5B-4602-8952-803546CE3344} from machine failed due to the following error: 80070005"
I have full administrative rights on both servers.
I can issue that command from a console application no problem, but when I try it from the web application, I get the error!
I have tried enabling the remote management checkbox and started teh remote access auto connection manager and also tried updating the load user profile on the applicaiton pool from false to true.
I have searched so much to the point that all of my links are pink in color!
Any input is greatly appreciated.
I've decided to ditch the use of ServerManager.OpenRemote() and use the DirectoryEntry way:
DirectoryEntry root = new DirectoryEntry("IIS://server/W3SVC", username, password)
it is much simpler and straightforward.

SharePoint 2013 :- Web Application taking forever to create

I have a SharePoint 2013 installation on a Window 8 machine.
I am trying to create a web application and it is taking forever. The creation process never stops. I checked in application event logs and found this error:
*Machine 'SHAREPOINT2013C (SharePoint - 43000(_LM_W3SVC_1458308317_ROOT))' failed ping validation and has been unavailable since '1/22/2013 3:56:48 AM'.*
Searched the web but could not find anything that works for me.
Can anyone suggest a way to resolve the issue? Thanks a lot in advance.
Below are my findings:
In order to recognize routing targets IIS has to be able to process SPPING HTTP method
To test run this code in Powershell:
$url = "http://your-Routing-Target-Server-Name"
$myReq = [System.Net.HttpWebRequest]::Create($url)
$myReq.Method = "SPPING";
$response = $myReq.GetResponse();
$response.StatusCode
If you get the following error message:
Exception calling "GetResponse" with "0" argument(s): "The remote server returned an error: (405) Method Not Allowed."
that means that web front end is not set up to process SPPING HTTP method
To resolve the issue run the following commands on each routing target server:
Import-Module WebAdministration
add-WebConfiguration /system.webserver/handlers "IIS:\" -value #{
name = "SPPINGVerbHandler"
verb = "SPPING"
path = "*"
modules = "ProtocolSupportModule"
requireAccess = "None"
}
This will add a handler for SPPING verb to IIS configuration.
Run the test script again to make sure this works.
So this has to do with the Request Management Service that runs on the WFE servers on SharePoint 2013. The Request Management Service is of no value since you only have one server. If you disable this service on your single server farm these messages will go away and your Web Application creation performance will greatly increase.
Mark Ringo
I recently faced this issue, I created new Web Application and it was showing a popup of "It shouldn't take long", then after some time it showed a Connection failure page. I browsed to the virtual directory folder for the new web application and found that the folder was totally empty.
Then what I did to solve this problem:
1. Open IIS
2. Go to Applicatin Pools
3. Select Central Admin application pool and right click and select "Advance Settings".
4. There was a property named "Shutdown Time Limit", it was set to "90" by default. I changed it to 400 and clicked OK.
It restarted the applicaition pool automatically. Then again I created new web application from central admin and it worked for me.
I've found that these events correlate to when the specified application pools are recycled (mine are at a specific time in the morning). It's unfortunate that they're logged in the event viewer and can't really clean it up.

Resources