We have the following setup:
Single-node UAG with an HTTPS trunk using ADFS 2.0:
a claims-aware SharePoint 2010 site published with the SP 2010 template as:
Public host name: host_public
Server: host_internal
HTTPS port: 443
A hardware load balancer with a VIP listening on host_internal:443 with an SSL certificate cert_a
with 2 backend SharePoint 2010 Win 2008 R2 servers using SSL with certificate cert_a
When we open the following URL on the UAG server itself: https://host_internal/_vti_bin/shtml.dll (to test the extensions), we receive a "Sharepoint Foundation Error", which is normal, but we can access the extension.
When doing the same on a client machine: https://host_public/_vti_bin/shtml.dll we receive an "HTTP 500 - Internal server error". So we're unable to access the extension. When we run a trace on UAG we do see 3 errors:
[0]10b8.1578 10/15/2014-10:03:09.286 [01eb7c40-f800-0000-1b7e-35aca4e7cf01] [sslbox SSLMachine::HandleDecryptMessageErrorSSLMachine.cpp@753] ERROR:SSLMachine::Read(): DecryptMessage failed (SEC_I_CONTEXT_EXPIRED) Error: 0
[0]10b8.1578 10/15/2014-10:03:09.286 [01eb7c40-f800-0000-1b7e-35aca4e7cf01] [whlcspssl CCSPSSLDevice::SSLReadWhlCSPSSLDevice.cpp@2836] ERROR:SSLRead(3, 5356, host_internal:443, 0000000003A55390): m_pSSLMachine->Read() returned false
[0]10b8.1578 10/15/2014-10:03:09.286 [01eb7c40-f800-0000-1b7e-35aca4e7cf01] [whlcspssl CCSPSSLDevice::ReadStateInternalReadWhlCSPSSLDevice.cpp@2465] ERROR:ReadStateInternalRead(3, 5356, host_internal:443, 0000000003A55390, ReadSSLBox): SSLRead() returned CSP_SSL_FAIL, Last read request returned CSP_SSL_MORE_R
Unknown(234): GUID=03a4e905-377a-c24e-e675-8737734d2c95 (No Format Information found).
Unknown(436): GUID=03a4e905-377a-c24e-e675-8737734d2c95 (No Format Information found).
When we open the following URL: https://host_public/_vti_bin/lists.asmx we do get to see all supported operations on the lists.asmx web service. So there's no SSL decrypting problem there...
Does anyone have an idea why this is happening, and only on the shtml.dll?
Thanks
Frederik