You are viewing limited content. For full access, please sign in.

Question

Question

Testing SSL - No Response Received From the Server

Laserfiche
Updated April 3, 2016
asked on March 25, 2016 Show version history

I have followed the instructions here: https://www.laserfiche.com/support/webhelp/Laserfiche/10/en-us/administration/Default.htm#../Subsystems/LFAdmin/Content/Using_SSL_TLS.htm

But when I attempt to connect with the client, I get the error "No Response Received from the Server [780]"

  • I have a certificate installed on the laserfiche server Certificates (Local Computer)\Personal\Certificates.
  • It was issued by a trusted root certification authority to the FQDN of my server.  That authority is also a trusted root certification authority on the client machine.
  • I specified the ssl port in HKLM\Software\Laserfiche\Engine\8.0\HttpServ\SSLPort
  • I ran netsh http add sslcert ipport=0.0.0.0:443 certhash=MYCERTHASH appid={00112233-4455-6677-8899-AABBCCDDEEFF}
  • I restarted the Laserfiche Server Service
  • When I attach the repository from the client I get "No Response Received from the Server"

 

I'm out of ideas troubleshooting this,

Thanks for any help!

EDIT: This is Laserfiche Server version 9.1.1.545

EDIT 2: I linked documentation for Laserfiche 10 because the documentation for 9.1 uses httpcfg to create the configuration record.  Httpcfg is obsolete and replaced by similar functionality in netsh described in the documentation I linked.

laserfiche no response.png
laserfiche no response.png (11.41 KB)
Download
0 0

Answer

SELECTED ANSWER
replied on March 30, 2016

Running LFS in command line revealed the problem!  

HttpServ: Attempting to listen on secure port 1091...

1091 is 443 in hexadecimal.  I changed the registry entry SSLPort to use Decimal Base, corrected the value back to 443, restarted and it works!

Thanks very much Michael, Miruna and Ben!

sslport hexadecimal.png
sslport hexadecimal.png (3.85 KB)
Download
1 0

Replies

replied on March 28, 2016

HI Erik, 

 

Just to confirm, was the certificate issued to edmtest.ad.jacksoncounty.org or ad.jacksoncounty.org because unless your certificate is a wildcard SSL type, I think you'll need a different one for your edmtest domain. 

Ben

0 0
replied on March 28, 2016

The certificate was issued specifically to edmtest.ad.jacksoncounty.org by a trusted certificate authority within my domain (ad.jacksoncounty.org).  It is not a wildcard cert.

0 0
replied on March 28, 2016

Is port 443 open in the Laserfiche Server's firewall?

0 0
replied on March 28, 2016

Yes, inasmuch as the server has no firewall enabled.

0 0
replied on March 28, 2016

Just spit-ballin' here but have you tested SSL with LF by using IIS? If so, double checked all of your IIS settings...

  • IIS installed on your LF Repository server.
  • Bnd the certificate to Default Web Site: hostname=edmtest.ad.jacksoncounty.org,  Port=443, Type=HTTPS, IP Address=* (or what ever IP is appropriate for your environment)
  • I'd also set "Client certificates" to Ignore under the SSL Settings for the Default Web Site for testing.

 

 

replied on March 28, 2016

Ben, I bound the ssl certificate to the default website, with client certificates set to "Ignore"

I can view my site with https and everything looks good, details shown in the screenshot.

https weblink.png
https weblink.png (23.08 KB)
Download
0 0
replied on March 28, 2016 Show version history

Great news!

This order may look odd but I deleted a reply after posting it. The steps I suggested, to test the cert, were:

  • Install IIS on the LF repository server
  • Bind the certificate to the Defaults Web Site with Type=HTTPS, Host Name=edmtest.ad.jacksoncounty.org <or FQDN on the certificate>, Port=443, IP Address = * <or the appropriate IP address>
  • Set the SSL settings to Ignore the Client Certificates

 

-Ben

0 0
replied on March 28, 2016

It's good to know the certificate works.  I still am stuck getting the client to attach to that repository.  :-/

0 0
replied on March 29, 2016

Try the following if the LFS service is not running as the Local System account: stop the LFS service and run lfs.exe in the Laserfiche Server program directory from a Windows command prompt as the same user account that the LFS service is configured to run as. If LFS is configured properly, there will be a line that says HttpServ: Attempting to listen on secure port 443... followed by another line that says Listening on secure port 443. You can now start the LFS service again. Do you see that output, or are those lines missing, or is an error printed?

If the LFS service is configured to run as Local System, the above check isn't reliable. Laserfiche Technical Support would probably have to assist in this case.

1 0
SELECTED ANSWER
replied on March 30, 2016

Running LFS in command line revealed the problem!  

HttpServ: Attempting to listen on secure port 1091...

1091 is 443 in hexadecimal.  I changed the registry entry SSLPort to use Decimal Base, corrected the value back to 443, restarted and it works!

Thanks very much Michael, Miruna and Ben!

sslport hexadecimal.png
sslport hexadecimal.png (3.85 KB)
Download
1 0
replied on April 3, 2016

No worries, glad you got it fixed. :-) 

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Attachments
Related Posts
Loading ...