Background:
1 Primary site, 2 MPs, both use the site db -
1 in the DMZ - which is a domain joined MP, supports HTTPS
1 supports HTTP
The application catalog web service point is HTTP and application catalog website point (HTTPS) are both on the Management point
All servers are Windows Server 2012 R2, SCCM 2012 R2, SQL 2012
Within the last week, I've now been getting the following errors every hour:
Portal Web Site Control Manager detected PORTALWEB is not responding to HTTP requests. The http error is 12030.
Possible cause: IIS service is not responding.
Solution: Manually restart the W3SVC service on the PORTALWEB.
For more information, refer to Microsoft Knowledge Base article 838891.
Message ID is 8001
Restarting the service doesn't work, KB 838891 didn't work.
Snippet from portctl.log on the MP that is HTTP:
Starting certificate maintenance... $$<SMS_PORTALWEB_CONTROL_MANAGER><02-11-2014 11:01:33.900+300><thread=4336 (0x10F0)>
Successfully completed certificate maintenance $$<SMS_PORTALWEB_CONTROL_MANAGER><02-11-2014 11:01:33.900+300><thread=4336 (0x10F0)>
SSL is enabled. $$<SMS_PORTALWEB_CONTROL_MANAGER><02-11-2014 11:01:33.900+300><thread=4336 (0x10F0)>
Using thread token for request $$<SMS_PORTALWEB_CONTROL_MANAGER><02-11-2014 11:01:33.900+300><thread=4336 (0x10F0)>
Failed to send http request /CMApplicationCatalog//default.aspx. Error 12030 $$<SMS_PORTALWEB_CONTROL_MANAGER><02-11-2014 11:01:33.900+300><thread=4336 (0x10F0)>
Call to HttpSendRequestSync failed for port 443 with 12030 error code. $$<SMS_PORTALWEB_CONTROL_MANAGER><02-11-2014 11:01:33.900+300><thread=4336 (0x10F0)>
PORTALWEBs http check returned hr=0, bFailed=1 $$<SMS_PORTALWEB_CONTROL_MANAGER><02-11-2014 11:01:33.900+300><thread=4336 (0x10F0)>
PORTALWEB's previous status was 1 (0 = Online, 1 = Failed, 4 = Undefined) $$<SMS_PORTALWEB_CONTROL_MANAGER><02-11-2014 11:01:33.900+300><thread=4336 (0x10F0)>
Health check operation failed, error code is 12030 $$<SMS_PORTALWEB_CONTROL_MANAGER><02-11-2014 11:01:33.900+300><thread=4336 (0x10F0)>
STATMSG: ID=8001 SEV=E LEV=M SOURCE="SMS Server" COMP="SMS_PORTALWEB_CONTROL_MANAGER" SYS=MgmtPt.domain SITE=009 PID=1500 TID=4336 GMTDATE=Tue Feb 11 16:01:33.900 2014 ISTR0="12030" ISTR1="" ISTR2="" ISTR3=""
ISTR4="" ISTR5="" ISTR6="" ISTR7="" ISTR8="" ISTR9="" NUMATTRS=0 $$<SMS_PORTALWEB_CONTROL_MANAGER><02-11-2014 11:01:33.900+300><thread=4336 (0x10F0)>
Completed the PORTALWEB availability check against local computer. $$<SMS_PORTALWEB_CONTROL_MANAGER><02-11-2014 11:01:33.931+300><thread=4336 (0x10F0)>
Waiting for changes for 60 minutes $$<SMS_PORTALWEB_CONTROL_MANAGER><02-11-2014 11:01:33.931+300><thread=4336 (0x10F0)>
From the ServicePortalWebSite log on the Managment Point, I see this message:
PID:2944][02/11/2014 14:58:26] :System.ServiceModel.Security.SecurityNegotiationException: SOAP security negotiation with 'http://MgmtPt.domain/CMApplicationCatalogSvc/ApplicationOfferService.svc' for target 'http://MgmtPt.domain/CMApplicationCatalogSvc/ApplicationOfferService.svc' failed. See inner exception for more details.
What/where is "inner exception"?
Also, in addition to getting this fixed, I'm wondering if I should move the app catalog roles to the server in the DMZ since the app catalog will be supporting both MACS and Windows clients?
Since I have 2 management points, I didn't think that they both had to be HTTPS? But do they based on "Call to HttpSendRequestSync failed for port 443"....?
And, of course, I am getting the "cannot connect to application server" when trying to open the application catalog. I see the tabs, etc, but no apps.
- Edited by mandp Tuesday, February 11, 2014 8:24 PM