Handy for a batch maintenance operation a customer had to run on a few hundreds servers: they basically needed to do what’s described in this article but in a script rather than from the IIS GUI. From Shared Configuration (Appendix 3): By default, IIS includes two main providers for securing properties. These providers are located in the applicationHost.config file’s <configProtectedData> configuration section and are defined in the <providers> element. The AesProvider is specific to dealing with encryption and decryption for properties that are in the system.webServer section. The IISWASOnlyRsaProvider is specific to dealing with encryption and decryption for properties that are in the system.applicationHost section. These keys are in the iisConfigurationKey and iisWasKey key containers and are machine-specific. In a Web farm scenario, if encryption is required, then a key from one machine – usually the one that created the applicationHost.config file – is exported and brought into the other machines so that secure properties can be decrypted and used by the Web server So just copy the .config files from “C:\Windows\System32\Inetsrv\config” and use aspnet_regiis –px to export the Keys: aspnet_regiis -px “iisConfigurationKey” “D:\iisConfigurationKey.xml” -pri To import the Keys on another machine run the following: aspnet_regiis -pi “iisConfigurationKey” “D:\iisConfigurationKey.xml” The…
-
-
Error 502 – Web server received an invalid response while acting as a gateway or proxy server
I saw this error some time ago while working on an eCommerce solution. When the Web server (while acting as a gateway or proxy) contacted the upstream content server, it received an invalid response from the content server. Redirect/move happens like it should, but after approximatively 2 minutes after posting an order the user receives an http error 502. The order is correctly processed by SAP but the web applications is built in a way that the user is getting a confirmation page when the order is processed: this page is never presented to the user due to the 502 error. FREB gave us further details about the error: 502.3, 2147954417 which translates into ERROR_INTERNET_OPERATION_CANCELLED. This lead me to this post which describes a different error but based on the same principle and the solution still applies to our scenario: we increased the proxy timeout to 5 minutes to accommodate all reasonably long running requests and the problem was solved. appcmd.exe set config -section:system.webServer/proxy /timeout:"00:05:00" /commit:apphost Carlo It’s not the size of the dog in the fight, it’s the size of the fight in the dog. Mark Twain
-
Moving to Windows 2008: smartcard slow performance?
Suppose you have a web application which authenticates clients through a smartcard certificate and everything is working fine, then you decide to move your web application to Windows Server 2008 (which is a good decision in many ways ?) but your users are suddenly complaining about slow performance, pages are loading slower than they used to do and you cannot find any explanation on the network infrastructure, everything seems to be properly configured on the client and on the server… what is happening? Well, as you can imagine this is what happened to a customer I worked with recently. A closer look at the client showed that every time a new object in the page was loaded (images, script files, css…) the smartcard was checked for the certificate, resulting in a major performance loss. To make the story short, the behavior is controlled by client certificate negotiation, specifically by SSLAlwaysNegoClientCert which in IIS 7 has been moved to http.sys (see http://learn.iis.net/page.aspx/110/changes-between-iis-60-and-iis-7-security/); you can configure the <access> element as described or using netsh with a command such as the following: netsh http add sslcert ipport=0.0.0.0:$port certstorename=MY certhash=$Certhash appid=$Appnr sslctlidentifier=$CTLlijst sslctlstorename=CA clientcertnegotiation=enable Carlo Quote of the day: Human beings are perhaps never…
-
Automatic postback does not fire for TextBox control
I recently come across an interesting request which read like this: A simple webapplication with one Textbox and one label. The Textbox has Autopostback=”true” and has an event listener attached to the TextChanged event. In the TextChanged event the label’s text is set to the text in the textbox. A javascript function “formats” the value of the textbox on the keyUp event. The ”problem” The postback is not fired for a textbox if a javascript function sets the value of the textbox in the keyDown or keyUp event. This only occurs in IE (IE 8, IE 7, FF 3.6.8, Opera 10.6 and Chrome 5 has been tested). No javascript errors or any kind of error message, the postback is just not being fired. And here’s a sample page to reproduce the problem: <%@ Page Language="vb" AutoEventWireup="false" ValidateRequest="false" EnableEventValidation="false" EnableViewStateMac="false" %><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head runat="server"> <title></title> <script type="text/javascript" language="javascript"> function FormatTextBox(obj) { //This is just a dummy function that adds $ as the first character. var value = obj.value if (value.length > 0 && value.charAt(0) != '$') value = '$' + value; obj.value = value; // This line causes the autopostback not to fire. This only…
-
Sometimes they come back
Stephen King fans like me for sure know Night Shift, a collection of 19 short stories I first read almost (oh, my…) almost 20 years ago. In Italian the title of this collection has been translated as “A volte ritornano” which literally means Sometimes they come back. This is exactly what I thought yesterday when I got yet another version of the “503 Service Unavailable” error: after I have already written about this error here and here, I’m writing the third post about it. I’m wondering if I’ll end up with a 19 post collection as Night Shift has… 😏 Anyway, here’s the new story: the application pools of this web server were failing with the following error (eventid 281) The worker process for application pool ‘MSExchangeOWAAppPool’ encountered an error ‘Unrecognized attribute ‘precondition’ trying to read global module configuration data from file ‘\\?\C:\inetpub\temp\apppools\MSExchangeOWAAppPool.config’, line number ‘281’. Worker process startup aborted. As you can see the precondition keyword is mistyped (it should be preCondition, capital “C”) and if we changed the .config file mentioned in the error message we were able to start our application pool but randomly (most of the time after a reboot, though) the problem came back. Interesting…
-
My GridView does not want to paginate anymore!
Lots of stuff kept me busy over the last few months and this blog has been a bit too quiet… let me try to revamp it a bit (new graphic layout will come later). I recently worked on an interesting case where a simple GridView with pagination enabled was not working as expected: every time we clicked a different page (note, page referred to the GridView pages, not .aspx pages…) we were quickly brought back to the first page: no errors logged anywhere (IIS logs, Fiddler, event viewer… nothing really useful there). Then we decided to make a quick test: we bypassed the ISA proxy and everything started working fine, no way to reproduce the problem again; needless to say, as soon as we reconfigured the proxy in IE the problem came back. My colleague Alvar works also on ISA cases and suggested the article POST requests that do not have a POST body may be sent to a Web server that is published in ISA Server 2006 and this actually did the trick, problem solved! Thanks Alvar ? Carlo Quote of the day: Great people talk about ideas, average people talk about things, and small people talk about wine.…
-
Make your own keyboard for free
I’ve been using the new Arc Keyboard for a few weeks now and I’m very pleased with it, I like it especially for typing. But (there is always a “but” ?)… Unfortunately I have to say this keyboard is not very practical when working with Windbg or Visual Studio (at least with the Italian layout) where you have to type special characters such as tilde (~) or braches ( { } ). Well, it is possible to get braches with the key combination ATL GR+SHIFT+è for the open one and ALT GR+SHIFT++ or ALT+123 and ALT+125 on the numpad if available and despite the weird key combination I got used to press it with only one hand and my typing flow was acceptable, even on a laptop where the numpad cannot be used. Anyway I’ve not been able to find how to get the tilde sign on an Italian keyboard without using the numpad combination (ALT+126), this means I cannot use neither my laptop nor the Arc Keyboard for coding… Should I use two different keyboards, then? No way ? Bing came to the rescue and pointed me to the Keyboard Layout Creator that, among other things, allows to modify…
-
IDEVDataCollector source code available for download
Download it from the IDEVDataCollector page ? Don’t expect too sophisticated coding techniques (at least it gets the job done), let me know what you think, I’m open for suggestions and feature requests ? Carlo Quote of the day: …when you have eliminated the impossible, whatever remains, however improbable, must be the truth. – Sir Arthur Conan Doyle
-
IDEVDataCollector adds IIS6 support
It took me some time (mostly because of other demanding tasks and commitments I have for my daily job) but finally I have just updated IDEVDataCollector to support IIS 6, it’s available at the tool main page: https://www.cloudnotes.io/idevdatacollector/. Give it a try and let me know what you think ? P.s. Yes, I’m planning to release the source code too, stay tuned! Carlo Quote of the day: Clothes make the man. Naked people have little or no influence on society. – Mark Twain
-
Which files to collect? Here’s a tool for you
Over the last couple of months among other things I’ve been working on a tool to automatically the logs and information in my team we usually ask at the beginning of a new Support Call: all standard things such as IIS logs, event logs, .config files etc… Not all of those files are necessary for every case (as usual it depends on the problem at hand), but experience tells me the more information we have about the environment, the more chances we have to spot small inconsistencies, configuration problems etc… that sometimes can lay unnoticed and interfere with our work. So, enter our guest: IDevDataCollector I tried to keep the UI as simple and organized as possible, utilization is very easy, just run it and click the “Collect” button, sit there a couple of minutes (how much exactly will depend on the logs collected) and you’re done ?. Please note that I’m still working on it, this is just a preview release but I’d love to have your feedback/bug reports/feature requests etc…, keeping in mind that the scope of this tool is to facilitate troubleshooting and data collection for IIS/ASP.NET related problems, I am not interested (and probably do not…