Symptoms

We are having an issue with the AppDeployment.exe step of the K2 for SharePoint installation. The OAuth high trust is not being created correctly.

Below are the steps that we have preformed,
• When the appdeployment.exe is executed, it is generating the S2Ssetup.ps1 file, which needs to be executed manually in the PowerShell to get the trusted root authority. The error is occurring while executing the ps1 file which is not able to configure the high trust certificate in SharePoint server.
• Also we tried to create K2 high trust certificate in SharePoint server, by executing the scripts manually in PowerShell. While installing, instead of looking for "K2 for SharePoint" certificate the current K2 AppDeployment configuration is looking for "K2 for SharePoint with Servername and Port number".
• There is no certificate installed with the above said details. In all the reference documents that we could find, the certificate name is mentioned as "K2 for SharePoint". We have created the certificate with the Server name and Port name, but while installation, this certificate is getting deleted by the configuration script.


Analysis Result
K2 for SharePoint 2013 On-Premises
----------------------------------
The task is not complete as one or more of its dependencies failed.
Duration: 0 seconds
Server 2 Server High Trust
--------------------------
The task is not complete as one or more of its dependencies failed.
Duration: 0 seconds
Verify Root Authority
---------------------
Analysis Result : Failed
A Trusted Root Authority was not found for App: K2 for SharePoint-gtnaduzwk2b001
URL rootK2K2 Installation Package 4.6.9K2 for SharePoint 4.6.9 (4.13350.1660.1)InstallationConfiguration Analysis ScriptsServer2Server_VerifyTrustedRootAuthority.ps1, : Text View script
Verify Security Token Issuer
----------------------------
Analysis Result : Failed
A Trusted Security Token Issuer was not found for App : K2 for SharePoint
Verify K2 OAuth High Trust for SharePoint Farm
----------------------------------------------
Analysis Result : Warning

Metadata and OAuth exchange over HTTP
-------------------------------------
Analysis Result : Warning
Some Web Applications are setup with (HTTP) and may require additional configuration to allow OAuth and Metadata exchange over Http.
AllowOAuthOverHttp is not enabled.
AllowMetadataOverHttp is not enabled.

Kerberos authentication and the new SharePoint app model
--------------------------------------------------------
Information:
If you are using Windows claims mode for user authentication and the web application is configured to use only Kerberos authentication without falling back to NTLM as the authentication protocol, then app authentication does not work.

Upload Test App
---------------
Analysis Result : Warning
---------------------------
Installed : False
Able to access the test app : False
Access error: The System Account cannot perform this action.
 

Diagnoses

Issue connecting to the Metadata Endpoint.
 

Resolution

The customer was able to resolve the issue using the following KB: http://help.k2.com/kb001672