I’m Installing the latest release from kinetic for one of our clients. The topology is 2 VMs on 1 Server, one for the database, and one for the application.
I have added the database for an environment called Pilot, then I added the application server, once added I checked the connection, but it was not connecting.
it is giving me the error below:
System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel.
at System.Net.HttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at System.Net.Http.HttpClientHandler.GetResponseCallback(IAsyncResult ar)
--- End of inner exception stack trace ---
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at Epicor.Mfg.Administration.ServerManagement.ApplicationServerManager.Forms.HelperClasses.ConfigurationApiHelper.FetchApiConfiguration(String endpointUrl)
at Epicor.Mfg.Administration.ServerManagement.ApplicationServerManager.Forms.NewSessionForm.BackgroundWorker_DoWork(Object sender, DoWorkEventArgs e)
at System.ComponentModel.BackgroundWorker.OnDoWork(DoWorkEventArgs e)
at System.ComponentModel.BackgroundWorker.WorkerThreadStart(Object argument)
I was wondering if anyone had encountered this issue before?
Looks like a certificate problem. Check the certificate you have deployed with. I assume you used a self signed certificate? You might not have the Key Usage values correct. At a minimum, it needs these:
Couple of thoughts here. Would be interested to see the details of the App Server from the Epicor Admin Console. This is all from the console of the app server?
Certificate matches the one from your screenshot?
Application Pool: Are you using a Domain account(local admin for simplicity of testing here) for this? If not, I would. This may require changes to the Database Connection tab too if you weren’t already using a Domain Account here. You can dial back the permissions after you get it working if you like.
If you change either of those, you’ll have to deploy again.
Other thing to check would be the server’s event log. You might get more details there. Especially if there happens to be a duplicate certificates, the event log might be your only indicator. Check both the default Application Event Log and the Epicor App Server one to see if there are any additional details there.
And that account is the same account you used to install Kinetic?
I feel that there is something incorrect with the directory permissions for the website.
If this is a new install, I would be going back through the installation document and ensuring that all the steps have been followed, including the configuration of the server, and making sure you have the correct version of .net core and the hosting bundle ect.
Nevermind, the certificate which was created in the Epicor Administration Console during “Add the Application Server” step in the installation guide was missing the Keyset.
I have not tried with 2024.2, but I think that is a standing issue with older versions for sure. The cert generated within the EAC is no longer sufficient and you have to generate one manually.
It’s not so much a big as an outdated standard. The self signed certificate that gets generated within the EAC worked just fined for years, but as standards change and SSL/TLS requirements evolve, it just doesn’t meet the current needs.
