Skip to main content
Nintex Community Menu Bar
 
 
 

K2 Configuration Service does not start "Exception Info: System.InvalidOperationException: Certificate not found"

kbt170975


PRODUCT
 
K2 Five 5.2 to 5.3


BASED ON
 
K2 Five 5.2
 
This article was created in response to a support issue logged with K2. The content may include typographical errors and may be revised at any time without notice. This article is not considered official documentation for K2 software and is provided "as is" with no warranties.

 
 

Issue

 

When attempting to start the K2 Configuration Service it will fail with the an error in the Event Viewer:

 

Application: SourceCode.Configuration.Api.exe CoreCLR Version: 4.6.27129.4

 

Description: The process was terminated due to an unhandled exception.
Exception Info: System.InvalidOperationException: Certificate not found: CN=NAME (CN=K2 On Premise Root, O=K2) in LocalMachine/My at SourceCode.Configuration.Kestrel.CertificateLoader.LoadFromStoreCert(String subject, String issuer, String storeName, StoreLocation storeLocation) at SourceCode.Configuration.Kestrel.KestrelLoadExtensions.UseKestrel(IWebHostBuilder webHostBuilder, CustomKestrelSettings settings)
at SourceCode.Configuration.Api.Program.CreateWebHostBuilder(Stringl] args)
at SourceCode.Configuration.Api.Program.Main(StringM] args)
-----------------------------------------------------------
Faulting application name: SourceCode.Configuration.Api.exe, version: 0.0.0.0, time stamp: 0x5b58a311 Faulting module name: KERNELBASE.dll, version: 10.0.14393.3085, time stamp: 0x5d1d7c66 Exception code: 0xe0434352 Fault offset: 0x0000000000034c48
Faulting process id: 0x1b7c Faulting application start time: 0x01d56728f111d8af
Faulting application path: C:Program FilesK2SourceCode.Configuration.ApiSourceCode.Configuration.Api.exe
Faulting module path: C:WindowsSystem32KERNELBASE.dll Report Id: e13ccc85-7d81-4bd8-a725-a2f20bf25f35 Faulting package full name:
Faulting package-relative application ID:

 

You will also note when K2 Five was installed the below error will be raised in the Installer traces which can be found in %temp% folder on the K2 Server.

Logged Error: Group run failed with exception: System.NullReferenceException: Object reference not set to an instance of an object. at SourceCode.Install.Package.Actions.Windows.ExecutePowerShellScript.Execute(Target target) at SourceCode.Install.Package.Targets.Target.Execute() at SourceCode.Install.Package.Actions.ActionGroup.Execute(Target target)
Log.WriteUnindent: End Action Group: Make MICRO_SSL_CERT, Run Passed: False
Target.Execute: !Completed: Make MICRO_SSL_CERT, Success: False
ActionGroup.Execute: Logged Error: Target failed to execute: Make MICRO_SSL_CERT
ActionGroup.Execute: Running sub action: Ensure Certs
Target.Execute: !Running: Ensure Root Cert
Target.Execute: Process target: Ensure Root Cert
RunProcess.Execute: Start executing external process.

 

Symptoms

 

This will cause the K2 Server Service to fail and Users will not be to access the environment.

 

Resolution

 

To resolve this issue, direct database modification will be required. Please log a K2 Support Ticket on the K2 Customer Portal for assistance in resolving the issue. The information below will be needed to do the alteration.

 
 
 

 REQUIREMENT 1

 

USE
GO
SELECT * FROM Hostserver.Configuration

 

REQUIREMENT 2

 

Open Certmgr.msc and determine the amount of K2 On Premise Root Certificates on the environment in the Personal and Trusted Root Certification Authorities folders.

 

Example of the information needed:

 

 

Note that you will possibly be requested to re-run the repair option on the K2 Setup Manager.

 

Please note that direct K2 database modification is not allowed as it might leave the environment in an unsupported state. This must only be done with the assistance of, or when instructed to do so by K2 Support. 

 

============================================================

Solution:

Open CertificateManager.exe

C:\Program Files\K2\Setup\CertificateManager.exe

Press a

 

20E7EEEEEEEEEEEEEEEEEEEEA37F501D56ECC66E

  ConsoleLogger.WriteUnindent:End Get All Personal Certificates
CBABB0BEEEEEEEEEE48BB9C364A87A746F0DF9C  CN=Server-01
C7EF9B80EEEEEEEEFE4666CF83DDA6CD1EDB58F  CN=Environment Owner, O=K2
9E9726DEEEEEEEEEEE79AA44932A50AFD4932514  CN=K2ServerFarmSTG
878A49EEEEEEEEEEEEEEE18D64FFF1B3860C7D1  CN=K2 OAuth High Trust
7F18E8EEEEEEEEEEEEEE37DB379F12B687C60C5  CN=Server-01
2CB1EEEEEEEEEEEEEEEEFBD760C1F05F4364625  CN=sourcecode-appit-apptemplates
20E7EEEEEEEEEEEEEEEEEEEEA37F501D56ECC66  CN=K2 On Premise Root, O=K2
 

All you have to do is to update the  Hostserver.Configuration Table fields

with the NEW SERVER Certificates

 

USE WK2]

--CN=Environment Owner, O=K2
UPDATE Hostserver.Configuration SET VariableValue  = 'C7FFFFFFFFFFFFFFFCF83DDA6CD1EDB58FA' WHERE VariableToken = 'FCLIENT_AUTH_CERT_THUMBPRINT]'

--K2 STS Certificate
UPDATE Hostserver.Configuration SET VariableValue  = '7FFFFFFFFFFFFFFFFFFFFFF687C60C56' WHERE VariableToken = 'FSTS_THUMBPRINT]'

--K2 Self Signed Certificate Server-01 : K2
UPDATE Hostserver.Configuration SET VariableValue  = '7CBFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC9' WHERE VariableToken = 'FSP_CERT_THUMBPRINT_WS]'

--CN=K2 On Premise Root, O=K2
UPDATE Hostserver.Configuration SET VariableValue  = '20E7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFECC66E' WHERE VariableToken = 'FROOT_CERT_THUMBPRINT]'

--CN=K2ServerFarmSTG
UPDATE Hostserver.Configuration SET VariableValue  = '9EFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF32514E66' WHERE VariableToken = 'FMICRO_SSL_CERT_THUMBPRINT]'

 

And Run K2 Configuration again.

 

Moving Nintex K2 Five 5.3 To New Servers
Move K2 Five Database to New Server

Install New K2 Server With The Same Database

 

We’ve update from Microsoft windows server 2016 to 2019 Successfully

Setup The same Version of K2 Five With New temp Database First.

Move K2 Five Database To the new server SQL Server 2019 instead of 2016 with MasterKey Import/Export.

Modify HostServer.Configuration table on Database with our data existed.

Run the install to connect to Database with our data existed Successfully.

 

i hope this article will help people like me searching for this information all over the internet and didn't found it.

Regards.

Be the first to reply!

Reply