K2 BlackPearl - Moving to HTTPS - Exception thrown by target of invocation

  • 10 September 2015
  • 7 replies
  • 26 views
S
Badge +1

Hi Team,

 

We are using K2 blackpearl to manage Workflows in my application. Using K2 API, my asp.net MVC application has been integrated with k2 blackpearl system.

In K2, we have developed SmartObjects which inturn consumes a webservice(HTTP). Now we are migrating asp.net/WebService application to support HTTPS (SSL) mode and hence webservice access protocol has been changed  from HTTP to HTTPS. Because of this change, smart object stopped working (as it was referencing HTTP webservice).

To resolve this, we tried adding new service instance under Dynamic Web Service and updated SmartObject to use new WebService. While executing the SmartObject using SmartObjectTester it returns below error.

Exception has been thrown by target of an invocation.

 

Could anyone please guide me on how to proceed to update SmartObject to use new WebService.

 

Regards

Sasi

7 replies

T
Userlevel 5
Badge +18

1.  This is just a troubleshooting step.  But does create a new test smo from the HTTPS service instance work?  Or does it also error out with the same error?


 


This can tell us if it is an issue with the HTTPS service instance, or with the mapping between the existing SMO and new Service object/service instance.  If the new smartobject from the new service instance work, then perhaps you can just update the existing service instance to point toward https instead?  so that the existing SMO will also work.

S
Badge +1

Hi Tin, Thanks for your reply. I tried your option and it didnt work out. Still its throwing same message. Here are the steps I performed.

1. Created New SmartObject through K2 designer (I am using VS2010), deployed and tested. Throws the same error message when executing the smartobject.

2. Created new SmartObject through SmartObjectTester(right click webservice method and created new SmartObject) and throws the same error message.

3. In new SmartObject, updated the webservice to point to regular webservice (HTTP) and it worked without any issues.

 

I would like to know,

1. are there any settings (in config files) required in server to access HTTPS webservices.?

2. Any ways to debug what is the exception thrown behind the scene while executing SmartObject. I tried to create a standalone winform application and executed the smartobject; it still shows the common error message and innerexception field is still empty.

 

Regards

Sasi

T
Userlevel 5
Badge +18

Perhaps you need to perform the following on the K2 server:


 


https://help.k2.com/onlinehelp/k2blackpearl/userguide/current/webframe.html#Working_With_Certificates.html


 


Please make backups of the relevant files before doing so.

S
Badge +1

Thanks Tin for the feedback. I haven't install certificate in K2 server and I think this is the root cause.

I will have the certificate installed in K2 server, will make necessary changes in K2 host server config file (will definitely take the backup) and will let you know the result.

 

Once again thanks for immediate reply.

S
Badge +1

Hi Tin,

 

I tried with the changes suggested in below K2 article but still it throws the same error. Only step I didnt perform is "Give Service account rights to access the certificate" - I am not sure how to perform this, could you please guide me on this.

 

K2 Article: https://help.k2.com/onlinehelp/k2blackpearl/userguide/current/webframe.html#Working_With_Certificates.html

 

More details about the options that I tired,

 

1. Updated K2HostServer config file with below changes. Registered Certificates in K2 server.

Added Bindings in WSHTTPBinding section,

 <binding name="CertificateServiceContract" closeTimeout="00:30:00" openTimeout="00:30:00" receiveTimeout="00:30:00" sendTimeout="00:30:00" bypassProxyOnLocal="false" transactionFlow="false" hostNameComparisonMode="StrongWildcard" maxBufferPoolSize="524288" maxReceivedMessageSize="296960" messageEncoding="Text" textEncoding="utf-8" useDefaultWebProxy="true" allowCookies="false">
                     <security mode="TransportWithMessageCredential">
                <transport clientCredentialType="None" proxyCredentialType="None" realm="" />
                <message clientCredentialType="Certificate" negotiateServiceCredential="true" algorithmSuite="Default" establishSecurityContext="false" />
            </security>
        </binding>

 

<behaviors>
      <endpointBehaviors>
        <behavior name="ClientCertificateBehavior">
          <clientCredentials>
            <clientCertificate findValue="MyCertificateThumbPrint" storeLocation="LocalMachine" storeName="Root" x509FindType="FindByThumbprint" />
          </clientCredentials>
        </behavior>
      </endpointBehaviors>
    </behaviors>

    <client>
          <endpoint address="My HTTPS URL" binding="wsHttpBinding"
          bindingConfiguration="CertificateServiceContract" contract="CertificateServiceContract" name="CertificateServiceContract" behaviorConfiguration="ClientCertificateBehavior"/>
    </client>

 

2. I tried invoking HTTPS WebService with similar changes from my local machine (config changes, certificates) through WCFStorm and it works fine.

 

3. I tried invoking SmartObject with windows application and it results in same error with no additional details.

 

4. Additional information I would like to share about the SSL setup for my webservice is,

SSL/Certificate has been enabled/installed at load balancer level. i.e. client --> loadbalancer --> underlying webserver. From Client to Load Balancer the communication is HTTPS and from Load Balancer to webserver the communication is through HTTP.

 

5. Enabled the logging and checked the log file during smartobject execution and received only below information in log; this doesn't have much details about the exception.

<brokerpackage><brokerpackage><result successful="false"><serviceinstances><serviceinstance name="Service1" guid="8df83dd5-f92c-4c05-9f0f-d5189d6f7f9b"><messages><message severity="Error">Exception has been thrown by the target of an invocation.</message></messages></serviceinstance></serviceinstances></result></brokerpackage></brokerpackage>

 

For any changes in config file, I have restarted K2 service, refresh service instance and smart object.

 

Please let me know if am missing any step(s). Also let me know if there is a way to  get more details about exception.

 

Regards

Sasi

T
Userlevel 5
Badge +18

1. Perhaps try the MMC snapin step as per this doc, but for the K2 service account + full control:


 


https://technet.microsoft.com/en-us/library/ee662329.aspx


 


To manage private keys in Windows Server 2008
- Create a Microsoft Management Console (MMC) with the Certificates snap-in that targets the Local Machine certificate store.
- Expand the MMC and select Manage Private Keys .
- On the Security tab, add the Network Service account with Read access.


 


2. Have you also tried setting the service instance's "Debugging Enabled" = true, perhaps this will give you some additional troubleshooting informations


http://help.k2.com/onlinehelp/k2blackpearl/userguide/current/webframe.html#webservice_endpoint_service.html


 


3. Are you perhaps able to call this HTTPS web service outside of K2 also?


 


https://support.microsoft.com/en-us/kb/901183


 

S
Badge +1

Thanks Tin for your alternate debugging steps. Before I share further details, I would like to say that - the issue has been resolved and details below.

 

1. While analysing the WSDL output, found that soap:address location attribute returns the HTTP URL instead of HTTPS.
(Since SSL has been enabled in Load balancer level, this attribute returns underlying web URL).

 

2. Implemented an extension class to my webservice to update this attribute value from HTTP to HTTPS weburl.

Ref:http://blogs.msdn.com/b/kaevans/archive/2005/11/16/493496.aspx

 

3. Updated existing service instance ref from HTTP to HTTPS through Smart Object Tester.

 

I have also rollback all the K2 config changes, Certificate installation and all other changes I did for this issues. With this, I am able to execute my SmartObject methods successfully and did a round of testing with my application as well in Development environment and all the functionalities are working as expected.

 

Thanks Tin for your extended support and for your immediate responses to my queries.

 

Regards
Sasi

Reply


View our Community Site Map

Nintex Community Sitemap
Terms & ConditionsCookie settings