K2 Configuration Service does not start "Exception Info: System.InvalidOperationException: Certificate not found"
kbt170975
PRODUCT
BASED ON
Issue
When attempting to start the K2 Configuration Service it will fail with the an error in the Event Viewer:
Application: SourceCode.Configuration.Api.exe CoreCLR Version: 4.6.27129.4
Description: The process was terminated due to an unhandled exception.
Exception Info: System.InvalidOperationException: Certificate not found: CN=NAME (CN=K2 On Premise Root, O=K2) in LocalMachine/My at SourceCode.Configuration.Kestrel.CertificateLoader.LoadFromStoreCert(String subject, String issuer, String storeName, StoreLocation storeLocation) at SourceCode.Configuration.Kestrel.KestrelLoadExtensions.UseKestrel(IWebHostBuilder webHostBuilder, CustomKestrelSettings settings)
at SourceCode.Configuration.Api.Program.CreateWebHostBuilder(String[] args)
at SourceCode.Configuration.Api.Program.Main(String[] args)
-----------------------------------------------------------
Faulting application name: SourceCode.Configuration.Api.exe, version: 0.0.0.0, time stamp: 0x5b58a311 Faulting module name: KERNELBASE.dll, version: 10.0.14393.3085, time stamp: 0x5d1d7c66 Exception code: 0xe0434352 Fault offset: 0x0000000000034c48
Faulting process id: 0x1b7c Faulting application start time: 0x01d56728f111d8af
Faulting application path: C:Program FilesK2SourceCode.Configuration.ApiSourceCode.Configuration.Api.exe
Faulting module path: C:WindowsSystem32KERNELBASE.dll Report Id: e13ccc85-7d81-4bd8-a725-a2f20bf25f35 Faulting package full name:
Faulting package-relative application ID:
You will also note when K2 Five was installed the below error will be raised in the Installer traces which can be found in %temp% folder on the K2 Server.
Logged Error: Group run failed with exception: System.NullReferenceException: Object reference not set to an instance of an object. at SourceCode.Install.Package.Actions.Windows.ExecutePowerShellScript.Execute(Target target) at SourceCode.Install.Package.Targets.Target.Execute() at SourceCode.Install.Package.Actions.ActionGroup.Execute(Target target)
Log.WriteUnindent: End Action Group: Make MICRO_SSL_CERT, Run Passed: False
Target.Execute: !Completed: Make MICRO_SSL_CERT, Success: False
ActionGroup.Execute: Logged Error: Target failed to execute: Make MICRO_SSL_CERT
ActionGroup.Execute: Running sub action: Ensure Certs
Target.Execute: !Running: Ensure Root Cert
Target.Execute: Process target: Ensure Root Cert
RunProcess.Execute: Start executing external process.
Symptoms
This will cause the K2 Server Service to fail and Users will not be to access the environment.
Resolution
To resolve this issue, direct database modification will be required. Please log a K2 Support Ticket on the K2 Customer Portal for assistance in resolving the issue. The information below will be needed to do the alteration.
REQUIREMENT 1
USE [K2]GO SELECT * FROM Hostserver.Configuration
REQUIREMENT 2
Open Certmgr.msc and determine the amount of K2 On Premise Root Certificates on the environment in the Personal and Trusted Root Certification Authorities folders.
Example of the information needed:
Note that you will possibly be requested to re-run the repair option on the K2 Setup Manager.
Please note that direct K2 database modification is not allowed as it might leave the environment in an unsupported state. This must only be done with the assistance of, or when instructed to do so by K2 Support.
============================================================
Solution:
Open CertificateManager.exe
C:\Program Files\K2\Setup\CertificateManager.exe
Press a
[Thumbprint]
20E7EEEEEEEEEEEEEEEEEEEEA37F501D56ECC66E
ConsoleLogger.WriteUnindent:End Get All Personal Certificates
CBABB0BEEEEEEEEEE48BB9C364A87A746F0DF9C CN=Server-01
C7EF9B80EEEEEEEEFE4666CF83DDA6CD1EDB58F CN=Environment Owner, O=K2
9E9726DEEEEEEEEEEE79AA44932A50AFD4932514 CN=K2ServerFarmSTG
878A49EEEEEEEEEEEEEEE18D64FFF1B3860C7D1 CN=K2 OAuth High Trust
7F18E8EEEEEEEEEEEEEE37DB379F12B687C60C5 CN=Server-01
2CB1EEEEEEEEEEEEEEEEFBD760C1F05F4364625 CN=sourcecode-appit-apptemplates
20E7EEEEEEEEEEEEEEEEEEEEA37F501D56ECC66 CN=K2 On Premise Root, O=K2
All you have to do is to update the Hostserver.Configuration Table fields
with the NEW SERVER Certificates
USE [K2]
--CN=Environment Owner, O=K2
UPDATE Hostserver.Configuration SET VariableValue = 'C7FFFFFFFFFFFFFFFCF83DDA6CD1EDB58FA' WHERE VariableToken = '[CLIENT_AUTH_CERT_THUMBPRINT]'
--K2 STS Certificate
UPDATE Hostserver.Configuration SET VariableValue = '7FFFFFFFFFFFFFFFFFFFFFF687C60C56' WHERE VariableToken = '[STS_THUMBPRINT]'
--K2 Self Signed Certificate Server-01 : K2
UPDATE Hostserver.Configuration SET VariableValue = '7CBFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC9' WHERE VariableToken = '[SP_CERT_THUMBPRINT_WS]'
--CN=K2 On Premise Root, O=K2
UPDATE Hostserver.Configuration SET VariableValue = '20E7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFECC66E' WHERE VariableToken = '[ROOT_CERT_THUMBPRINT]'
--CN=K2ServerFarmSTG
UPDATE Hostserver.Configuration SET VariableValue = '9EFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF32514E66' WHERE VariableToken = '[MICRO_SSL_CERT_THUMBPRINT]'
And Run K2 Configuration again.
Moving Nintex K2 Five 5.3 To New Servers
Move K2 Five Database to New Server
Install New K2 Server With The Same Database
We’ve update from Microsoft windows server 2016 to 2019 Successfully
Setup The same Version of K2 Five With New temp Database First.
Move K2 Five Database To the new server SQL Server 2019 instead of 2016 with MasterKey Import/Export.
Modify HostServer.Configuration table on Database with our data existed.
Run the install to connect to Database with our data existed Successfully.
i hope this article will help people like me searching for this information all over the internet and didn't found it.
Regards.
