Changed setting to no proxy but not solved problem Proxy Error The proxy server received an invalid response from an upstream server. The proxy server could not handle the request GET /iam/services/setContext. Reason: Error reading from remote server

This problem only happens with one website when I try to follow hyperlinks to other pages. They have directed me to Firefox troubleshooting section. I have followed the advice there but it has not solved my problem.

I haven't been able to go on line since 7.01 and up. I have to use ieexplorer. are you idiots or what. I can't even contact you because i have to be in your latest version but i can't get the internet with the latest version. good bye for good

Similar Messages

Questions Tags Users Badges Unanswered Ask Question 502 - Web server received an invalid response while acting as a gateway or proxy server while accessing wcf hosted in azure

I have just a simple WCF service and which is protected by azure ACS .I am getting this error while trying to invoke the service from a client.The WCF is hosted as a simple azure website.
502 - Web server received an invalid response while acting as a gateway or proxy server
There is a problem with the page you are looking for, and it cannot be displayed. When the Web server (while acting as a gateway or proxy) contacted the upstream content server, it received an invalid response from the content server.
This is my web.config for the service and I am guessing there is something wrong with it .It is working just fine on local IIS so I am not sure what exactly is causing the issue.Can someone please have a look and see if they can find something or point me to
a direction.
<?xml version="1.0"?>
<configuration>
<configSections>

<section name="system.identityModel" type="System.IdentityModel.Configuration.SystemIdentityModelSection, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
<section name="system.identityModel.services" type="System.IdentityModel.Services.Configuration.SystemIdentityModelServicesSection, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089"/>
</configSections>
<system.diagnostics>
<trace>
<listeners>
<add type="Microsoft.WindowsAzure.Diagnostics.DiagnosticMonitorTraceListener, Microsoft.WindowsAzure.Diagnostics, Version=2.3.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"
name="AzureDiagnostics">
</add>
</listeners>
</trace>
</system.diagnostics>
<appSettings>
<add key="aspnet:UseTaskFriendlySynchronizationContext" value="true" />
</appSettings>
<system.web>
<authentication mode="None"/>
<customErrors mode="Off"></customErrors>
<compilation debug="true" targetFramework="4.5" />
<httpRuntime targetFramework="4.5"/>
</system.web>
<system.serviceModel>
<services>
<service name="SidService.Service1">
<endpoint address="https://sidwcfservice.azurewebsites.net/sidservice.svc"
binding="ws2007FederationHttpBinding"
contract="SidService.IService1" />
</service>
</services>
<bindings>
<ws2007FederationHttpBinding>
<binding closeTimeout="10:10:10" openTimeout="10:30:00" sendTimeout="10:30:00" receiveTimeout="10:30:00"
bypassProxyOnLocal="false" transactionFlow="false" maxBufferPoolSize="20000000" maxReceivedMessageSize="20000000" >
<security mode="TransportWithMessageCredential">
<message establishSecurityContext="true" negotiateServiceCredential="true" issuedKeyType="BearerKey">
<issuer address="https://sidaccess.accesscontrol.windows.net/v2/wstrust/13/certificate"></issuer>
<issuerMetadata address="https://sidaccess.accesscontrol.windows.net/v2/wstrust/mex" />
</message>
</security>
</binding>
</ws2007FederationHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior>
<serviceAuthorization principalPermissionMode="Always"></serviceAuthorization>

<serviceCredentials useIdentityConfiguration="true"></serviceCredentials>
<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true"/>

<serviceDebug includeExceptionDetailInFaults="true"/>
<serviceSecurityAudit auditLogLocation="Application" serviceAuthorizationAuditLevel="Failure" messageAuthenticationAuditLevel="Failure" suppressAuditFailure="true"/>
</behavior>
</serviceBehaviors>
</behaviors>
<protocolMapping>
<add binding="basicHttpsBinding" scheme="https" />
<add binding="ws2007FederationHttpBinding" scheme="https" />
<add binding="basicHttpBinding" scheme="http" />
</protocolMapping>
<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="false" />
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests="true">
<add name="WSFederationAuthenticationModule" type="System.IdentityModel.Services.WSFederationAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
preCondition="managedHandler" />
<add name="SessionAuthenticationModule" type="System.IdentityModel.Services.SessionAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
preCondition="managedHandler" />
</modules>
<directoryBrowse enabled="true"/>
</system.webServer>
<system.identityModel>
<identityConfiguration saveBootstrapContext="true">
<certificateValidation certificateValidationMode="None" revocationMode="NoCheck"/>
<issuerNameRegistry type="System.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
<trustedIssuers>
<add name="ACS2SigningCertificate"
thumbprint="DAE85FDA621FC090A8B0583we4380C52E484AE36" />
</trustedIssuers>
</issuerNameRegistry>
<audienceUris>
<add value="https://sidwcfservice.azurewebsites.net/sidservice.svc" />
</audienceUris>
<securityTokenHandlers>
<add type="System.IdentityModel.Tokens.Saml2SecurityTokenHandler, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
</securityTokenHandlers>
</identityConfiguration>
</system.identityModel>
<system.identityModel.services>
<federationConfiguration>
<cookieHandler mode="Default" requireSsl="true" />

<wsFederation passiveRedirectEnabled="true" issuer="https://sidaccess.accesscontrol.windows.net" realm="https://sidwcfservice.azurewebsites.net/" requireHttps="true" />
</federationConfiguration>
</system.identityModel.services>
</configuration>
This is the IIS log
#Software: Microsoft Internet Information Services 8.0
#Fields: date time s-sitename cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Cookie) cs(Referer) cs-host sc-status sc-substatus sc-win32-status sc-bytes cs-bytes time-taken
2014-06-11 05:19:51 SIDWCFSERVICE GET / X-ARR-LOG-ID=f7e6da2f-78f0-4c27-9cae-bb1623d150d6 80 - 98.192.67.81 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.114+Safari/537.36
ARRAffinity=bd0ad669a44c5d1cd8901d2d8014718c9386a2f2ad52bb066cf1cfd489ed6445 - sidwcfservice.azurewebsites.net 200 0 0 210675 863 694
2014-06-11 05:21:07 SIDWCFSERVICE GET /sidservice.svc X-ARR-LOG-ID=dd15d3bc-3307-4b26-8787-1399a5e890ed 80 - 98.192.67.81 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko - - sidwcfservice.azurewebsites.net
200 0 0 1800 718 1044
2014-06-11 05:21:08 SIDWCFSERVICE GET /SidService.svc wsdl&X-ARR-LOG-ID=bb415471-866f-48a1-8b7a-e01d4410779e 80 - 98.192.67.81 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko ARRAffinity=bd0ad669a44c5d1cd8901d2d8014718c9386a2f2ad52bb066cf1cfd489ed6445
http://sidwcfservice.azurewebsites.net/sidservice.svc sidwcfservice.azurewebsites.net 200 0 0 2417 878 0
2014-06-11 05:21:16 SIDWCFSERVICE GET /Sidservice.svc wsdl/$metadata&X-ARR-LOG-ID=f5c6415d-9c18-4305-aad5-9cbe4fe16d43 443 - 98.192.67.81 Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+4.0.30319.34014)
- - sidwcfservice.azurewebsites.net 200 0 0 3458 813 15
2014-06-11 05:21:16 SIDWCFSERVICE POST /Sidservice.svc wsdl/mex&X-ARR-LOG-ID=c2e3eeee-f5d9-49bf-b988-c524679409f3 443 - 98.192.67.81 - - - sidwcfservice.azurewebsites.net 500 0 0 1548 1336 62
2014-06-11 05:21:16 SIDWCFSERVICE GET /Sidservice.svc wsdl&X-ARR-LOG-ID=66bac0fb-476d-4104-bf4b-22d3cd55e906 443 - 98.192.67.81 Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+4.0.30319.34014)
- - sidwcfservice.azurewebsites.net 200 0 0 8138 793 0
2014-06-11 05:21:16 SIDWCFSERVICE OPTIONS /Sidservice.svc wsdl/_vti_bin/ListData.svc/$metadata&X-ARR-LOG-ID=82bf4ff4-4842-44a6-815e-adb8fdf01d13 443 - 98.192.67.81 - - - sidwcfservice.azurewebsites.net 400 0 0 398 764 31
2014-06-11 05:21:16 SIDWCFSERVICE POST /Sidservice.svc wsdl&X-ARR-LOG-ID=6d7ba68e-67cd-4596-9bf9-861cab3140c2 443 - 98.192.67.81 - - - sidwcfservice.azurewebsites.net 500 0 0 1548 1324 31
2014-06-11 05:21:16 SIDWCFSERVICE GET /SidService.svc xsd=xsd0&X-ARR-LOG-ID=d5890f1b-793e-4b13-9c75-ccd133be1cab 443 - 98.192.67.81 Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+4.0.30319.34014)
ARRAffinity=bd0ad669a44c5d1cd8901d2d8014718c9386a2f2ad52bb066cf1cfd489ed6445 - sidwcfservice.azurewebsites.net 200 0 0 1688 887 250
2014-06-11 05:21:16 SIDWCFSERVICE GET /Sidservice.svc wsdl/_vti_bin/ListData.svc/$metadata&X-ARR-LOG-ID=e15347e4-a7c0-4512-b3b7-a0ddf8d4ba6b 443 - 98.192.67.81 Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+4.0.30319.34014)
- - sidwcfservice.azurewebsites.net 200 0 0 3458 857 250
2014-06-11 05:21:16 SIDWCFSERVICE GET /SidService.svc xsd=xsd2&X-ARR-LOG-ID=377aaf45-1c59-4254-a320-6f4028bf8928 443 - 98.192.67.81 Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+4.0.30319.34014)
ARRAffinity=bd0ad669a44c5d1cd8901d2d8014718c9386a2f2ad52bb066cf1cfd489ed6445 - sidwcfservice.azurewebsites.net 200 0 0 992 887 31
2014-06-11 05:21:16 SIDWCFSERVICE GET /SidService.svc xsd=xsd1&X-ARR-LOG-ID=29fddc12-c18f-42b5-b232-53c9cef6d982 443 - 98.192.67.81 Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+4.0.30319.34014)
ARRAffinity=bd0ad669a44c5d1cd8901d2d8014718c9386a2f2ad52bb066cf1cfd489ed6445 - sidwcfservice.azurewebsites.net 200 0 0 2701 887 15
2014-06-11 05:27:16 ~1SIDWCFSERVICE POST /diagnostics/settings X-ARR-LOG-ID=984746fe-583c-46f0-a241-2817286262f5 443 - 70.37.162.148 Azure-Portal/4.5.00298.11 - - sidwcfservice.scm.azurewebsites.net 204 0 0 462 1286 234
2014-06-11 05:33:23 SIDWCFSERVICE GET /sidservice.svc X-ARR-LOG-ID=5e5047a3-839b-467d-9d7e-8e79cfe931b7 80 - 98.192.67.81 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko ARRAffinity=bd0ad669a44c5d1cd8901d2d8014718c9386a2f2ad52bb066cf1cfd489ed6445
- sidwcfservice.azurewebsites.net 200 0 0 1800 804 499
2014-06-11 05:33:27 SIDWCFSERVICE GET /Sidservice.svc wsdl/$metadata&X-ARR-LOG-ID=af5d2b66-366f-465b-9b38-b5fa6c49d103 443 - 98.192.67.81 Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+4.0.30319.34014)
- - sidwcfservice.azurewebsites.net 200 0 0 3458 813 0
2014-06-11 05:33:27 SIDWCFSERVICE POST /Sidservice.svc wsdl&X-ARR-LOG-ID=a93f30b4-289c-4752-9e32-ba4b23cd5590 443 - 98.192.67.81 - - - sidwcfservice.azurewebsites.net 500 0 0 1548 1324 31
2014-06-11 05:33:27 SIDWCFSERVICE POST /Sidservice.svc wsdl/mex&X-ARR-LOG-ID=68505196-ed63-4d65-adf2-af6413f450b6 443 - 98.192.67.81 - - - sidwcfservice.azurewebsites.net 500 0 0 1548 1336 31
2014-06-11 05:33:27 SIDWCFSERVICE GET /Sidservice.svc wsdl/_vti_bin/ListData.svc/$metadata&X-ARR-LOG-ID=8afaa4f2-643e-4534-b8e3-59d2c3755dee 443 - 98.192.67.81 Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+4.0.30319.34014)
- - sidwcfservice.azurewebsites.net 200 0 0 3458 857 0
2014-06-11 05:33:27 SIDWCFSERVICE GET /Sidservice.svc wsdl&X-ARR-LOG-ID=abb68806-eb59-493f-a727-016115e60357 443 - 98.192.67.81 Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+4.0.30319.34014)
- - sidwcfservice.azurewebsites.net 200 0 0 8138 793 15
2014-06-11 05:33:27 SIDWCFSERVICE OPTIONS /Sidservice.svc wsdl/_vti_bin/ListData.svc/$metadata&X-ARR-LOG-ID=5e9ebc9a-e0e0-431a-bbb8-02204af9f10e 443 - 98.192.67.81 - - - sidwcfservice.azurewebsites.net 400 0 0 398 764 31
2014-06-11 05:33:27 SIDWCFSERVICE GET /SidService.svc xsd=xsd0&X-ARR-LOG-ID=2c7a504a-3c31-4875-add8-c17fd018ff01 443 - 98.192.67.81 Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+4.0.30319.34014)
ARRAffinity=bd0ad669a44c5d1cd8901d2d8014718c9386a2f2ad52bb066cf1cfd489ed6445 - sidwcfservice.azurewebsites.net 200 0 0 1688 887 234
2014-06-11 05:33:28 SIDWCFSERVICE GET /SidService.svc xsd=xsd2&X-ARR-LOG-ID=1727b880-7148-4d15-9e9b-0f866def7c2f 443 - 98.192.67.81 Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+4.0.30319.34014)
ARRAffinity=bd0ad669a44c5d1cd8901d2d8014718c9386a2f2ad52bb066cf1cfd489ed6445 - sidwcfservice.azurewebsites.net 200 0 0 992 887 31
2014-06-11 05:33:28 SIDWCFSERVICE GET /SidService.svc xsd=xsd1&X-ARR-LOG-ID=40fc3543-d6a4-46ce-af1b-5aea83fb86df 443 - 98.192.67.81 Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+4.0.30319.34014)
ARRAffinity=bd0ad669a44c5d1cd8901d2d8014718c9386a2f2ad52bb066cf1cfd489ed6445 - sidwcfservice.azurewebsites.net 200 0 0 2701 887 110
2014-06-11 05:42:21 SIDWCFSERVICE GET /SidService.svc X-ARR-LOG-ID=70ce2aaa-a11b-4862-878b-2a67bbeb1bc5 80 - 98.192.67.81 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.114+Safari/537.36
ARRAffinity=bd0ad669a44c5d1cd8901d2d8014718c9386a2f2ad52bb066cf1cfd489ed6445 - sidwcfservice.azurewebsites.net 200 0 0 1800 904 46
2014-06-11 05:42:25 SIDWCFSERVICE GET / X-ARR-LOG-ID=4d51ab01-d247-404f-8d78-3bfda8635a3b 80 - 98.192.67.81 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.114+Safari/537.36
ARRAffinity=bd0ad669a44c5d1cd8901d2d8014718c9386a2f2ad52bb066cf1cfd489ed6445 - sidwcfservice.azurewebsites.net 304 0 0 364 961 47
2014-06-11 05:42:34 SIDWCFSERVICE GET / X-ARR-LOG-ID=31d335ef-604f-4653-930f-6f6cf05664b6 443 - 98.192.67.81 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.114+Safari/537.36
ARRAffinity=bd0ad669a44c5d1cd8901d2d8014718c9386a2f2ad52bb066cf1cfd489ed6445 - sidwcfservice.azurewebsites.net 200 0 0 150476 1020 46
2014-06-11 05:42:35 SIDWCFSERVICE GET /favicon.ico X-ARR-LOG-ID=2fe77edb-dcd9-4fc6-b418-8bdcf2313473 443 - 98.192.67.81 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.114+Safari/537.36
ARRAffinity=bd0ad669a44c5d1cd8901d2d8014718c9386a2f2ad52bb066cf1cfd489ed6445 - sidwcfservice.azurewebsites.net 404 0 2 468 971 31
2014-06-11 05:42:39 SIDWCFSERVICE GET / X-ARR-LOG-ID=bf6e0cfb-7e5b-408f-9881-37e236b98a49 443 - 98.192.67.81 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.114+Safari/537.36
ARRAffinity=bd0ad669a44c5d1cd8901d2d8014718c9386a2f2ad52bb066cf1cfd489ed6445 - sidwcfservice.azurewebsites.net 200 0 0 150476 1046 15
2014-06-11 05:42:44 SIDWCFSERVICE GET /SidService.svc X-ARR-LOG-ID=263108d8-4e68-4b52-94bd-5b87186ba45e 443 - 98.192.67.81 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.114+Safari/537.36
ARRAffinity=bd0ad669a44c5d1cd8901d2d8014718c9386a2f2ad52bb066cf1cfd489ed6445 - sidwcfservice.azurewebsites.net 200 0 0 1801 1048 0
2014-06-11 05:57:41 SIDWCFSERVICE GET /sidservice.svc X-ARR-LOG-ID=d2ada703-123a-4842-b480-a150aec1080e 80 - 98.192.67.81 Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko ARRAffinity=bd0ad669a44c5d1cd8901d2d8014718c9386a2f2ad52bb066cf1cfd489ed6445
- sidwcfservice.azurewebsites.net 200 0 0 1800 804 967
2014-06-11 05:57:44 SIDWCFSERVICE GET /Sidservice.svc wsdl/_vti_bin/ListData.svc/$metadata&X-ARR-LOG-ID=d53f52a5-8a77-439c-9ae7-cc58842d456f 443 - 98.192.67.81 Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+4.0.30319.34014)
- - sidwcfservice.azurewebsites.net 200 0 0 3458 857 0
2014-06-11 05:57:44 SIDWCFSERVICE GET /Sidservice.svc wsdl&X-ARR-LOG-ID=31b4a024-c05d-47a6-91dd-1149f28c73bd 443 - 98.192.67.81 Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+4.0.30319.34014)
- - sidwcfservice.azurewebsites.net 200 0 0 8138 793 15
2014-06-11 05:57:44 SIDWCFSERVICE GET /Sidservice.svc wsdl/$metadata&X-ARR-LOG-ID=68e0c1da-8eb2-4b0d-ad2b-33a88cde8225 443 - 98.192.67.81 Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+4.0.30319.34014)
- - sidwcfservice.azurewebsites.net 200 0 0 3458 813 0
2014-06-11 05:57:44 SIDWCFSERVICE OPTIONS /Sidservice.svc wsdl/_vti_bin/ListData.svc/$metadata&X-ARR-LOG-ID=9ca1a5ac-d8d3-4a41-bf7a-e118ef3a0e34 443 - 98.192.67.81 - - - sidwcfservice.azurewebsites.net 400 0 0 398 764 31
2014-06-11 05:57:44 SIDWCFSERVICE POST /Sidservice.svc wsdl&X-ARR-LOG-ID=d9142d70-b052-4355-85cf-54a14e96209a 443 - 98.192.67.81 - - - sidwcfservice.azurewebsites.net 500 0 0 1548 1324 15
2014-06-11 05:57:44 SIDWCFSERVICE POST /Sidservice.svc wsdl/mex&X-ARR-LOG-ID=19e8da83-aaaf-4ff8-b5ea-73508c494ac1 443 - 98.192.67.81 - - - sidwcfservice.azurewebsites.net 500 0 0 1548 1336 64
2014-06-11 05:57:44 SIDWCFSERVICE GET /SidService.svc xsd=xsd0&X-ARR-LOG-ID=252dd0dd-1b84-4675-b855-750f69a49d07 443 - 98.192.67.81 Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+4.0.30319.34014)
ARRAffinity=bd0ad669a44c5d1cd8901d2d8014718c9386a2f2ad52bb066cf1cfd489ed6445 - sidwcfservice.azurewebsites.net 200 0 0 1688 887 234
2014-06-11 05:57:44 SIDWCFSERVICE GET /SidService.svc xsd=xsd2&X-ARR-LOG-ID=cc247b32-9145-4823-9927-d417f12cb360 443 - 98.192.67.81 Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+4.0.30319.34014)
ARRAffinity=bd0ad669a44c5d1cd8901d2d8014718c9386a2f2ad52bb066cf1cfd489ed6445 - sidwcfservice.azurewebsites.net 200 0 0 992 887 0
2014-06-11 05:57:44 SIDWCFSERVICE GET /SidService.svc xsd=xsd1&X-ARR-LOG-ID=ae402fb1-5caf-4e76-997a-6b2551cb3d49 443 - 98.192.67.81 Mozilla/4.0+(compatible;+MSIE+6.0;+MS+Web+Services+Client+Protocol+4.0.30319.34014)
ARRAffinity=bd0ad669a44c5d1cd8901d2d8014718c9386a2f2ad52bb066cf1cfd489ed6445 - sidwcfservice.azurewebsites.net 200 0 0 2701 887 15

hi,
Firstly, I suggest you could see the same error threads (http://social.msdn.microsoft.com/Forums/windowsazure/en-US/5cf817b3-1295-41d7-b156-ce7aa5e4d11e/502-web-server-received-an-invalid-response-while-acting-as-a-gateway-or-proxy-server?forum=windowsazurewebsitespreview
). And then, I recommend you could refer to this basic code sample(
http://social.technet.microsoft.com/wiki/contents/articles/4027.wcf-soap-service-with-federated-authentication.aspx ). And I recommend you could download this code sample and try to use it(http://code.msdn.microsoft.com/Windows-Azure-AD-Access-0dcde385/sourcecode?fileId=71587&pathId=477793108
Please try it.
hope this helps.
Will
We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click
HERE to participate the survey.

502 - Web server received an invalid response while acting as a gateway or proxy server. There is a problem with the page you are looking for, and it cannot be displayed. When the Web server (while acting as a gateway or proxy) contacted the upstream cont

I am getting error while accessing url of lyncweb.domain.com, dialin.domain.com and meet.domain.com pointing to RP server.
502 - Web server received an invalid response while acting as a gateway or proxy server.
There is a problem with the page you are looking for, and it cannot be displayed. When the Web server (while acting as a gateway or proxy) contacted the upstream content server, it received an invalid response from the content server.
Regards, Ganesh, MCTS, MCP, ITILV2 This posting is provided with no warranties and confers no rights. Please remember to click Mark as Answer and Vote as Helpful on posts that help you. This can be beneficial to other community members reading the thread.

When i try with https://lyncfrontend.domain.local:4443 and https://lyncfrontend.domain.com:4443 both opens but when i open the external domain name i get certificate .
ARR version installed is 3.0
To throw more light on the configuration:
Lync 2013 implemented, internal domain name is : domain.local and external domain name is : domain.com
All servers in VMs are with 4 core processor, 24gb ram, 1TB drive.
Frontend : Windows 2012r2 with Lync 2012 Standard Edition - 1 No (192.168.10.100)
Edge : Windows 2012 with Lync 2012 Std - 1 No
(192.168.11.101 DMZ) in workgroup
ISS ARR Reverse Proxy 3.0 : Windows 2012 with ARR and IIS configured. (192.168.11.102)
Certificate : Internal Domain root CA for internal and External (Digicert).
Internal Network : 192.168.10.x /24
External Network (DMZ) : 192.168.11.x /24
Public Firewall NAT to DMZ ip for firewall and RP server. So having two public IP facing external network.
Edge has : sip.domain.com, webconf.domain.com, av.domain.com
IIS ARR RP server has : lyncdiscover.domain.com, lyncweb.domain.com, meet.domain.com, dialin.domain.com
Have created SRV record in public : _sip.tls.domain.com >5061>sip.domain.com, _sipfederationtls._tcp.domain.com>5061>sip.domain.com, _xmpp-server._tcp.domain.com>5269>sip.domain.com
Installed frontend server using MS Lync server 2013 step by step for anyone by Matt Landis, Lync MVP.
Internal AD Integrated DNS pointing Front-end
Type of Record FQDN
IP Description
A sip.domain.com
192.168.10.100 Address internal Front End or Director for internal network clients
A admin.domain.com
192.168.10.100 URL Administration pool
A DialIn.domain.com
192.168.10.100 URL Access to Dial In
A meet.domain.com
192.168.10.100 URL of Web services meeting
A lyncdiscoverinternal.domain.com
192.168.10.100 Register for Lync AutoDiscover service to internal users
A lyncdiscover.domain.com
192.168.10.100 Register for Lync AutoDiscover service to external users
SRV Service: _sipinternaltls Protocol: _tcp Port: 5061
sip.domain.com Record pointer services to internal customer connections using TLS
External DNS pointing Edge & Proxy
Type of Record FQDN
IP Endpoint
A sip.domain.com
x.x.x.100 Edge
A webconf.domain.com
x.x.x.100 Edge
A av.domain.com
x.x.x.100 Edge
SRV _sip._tls.domain.com
sip.domain.com: 443 Edge
SRV _sipfederationtls._tcp.domain.com
sip.domain.com:5061 Edge
A Meet.domain.com
x.x.x.110 Reverse Proxy
A Dialin.domain.com
x.x.x.110 Reverse Proxy
A lyncdiscover.domain.com
x.x.x.110 Reverse Proxy
A lyncweb.domain.com
x.x.x.110 Reverse Proxy
In IIS ARR proxy server following server farms are added and configured as per link ttp://y0av.me/2013/07/22/lync2013_iisarr/
In proxy server had setup only following server farm : While running remote connectivity web service test : meet, dialin, lyncdiscover and lyncweb.
The client inside works fine internally and through vpn. Login with external client also working fine. But we are getting error in MRCA as follows.
a) While testing remote connectivity for lync getting error : The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
Certificate was installed properly.
b) For remote web test under Lync throws error : A Web exception occurred because an HTTP 502 - BadGateway response was received from IIS7.
HTTP Response Headers:
Content-Length: 1477
Content-Type: text/html
Date: Wed, 14 May 2014 10:03:40 GMT
Server: Microsoft-IIS/8.0
Elapsed Time: 1300 ms.
Regards, Ganesh, MCTS, MCP, ITILV2 This posting is provided with no warranties and confers no rights. Please remember to click Mark as Answer and Vote as Helpful on posts that help you. This can be beneficial to other community members reading the thread.

502 - Web server received an invalid response while acting as a gateway or proxy server.

When entering a search term while viewing a forum (e.g. by using symbols or entering a long search term), I receive the following error:
Server Error
502 - Web server received an invalid response while acting as a gateway or proxy server.
There is a problem with the page you are looking for, and it cannot be displayed. When the Web server (while acting as a gateway or proxy) contacted the upstream content server, it received an invalid response from the content server.
I think there is a bug. Is there a way to fix this?

Is there a way to fix this?
The forum can not do compound queries. It creates OR queries from your search. So, don't use the forum to try to do complex search expressions. Use BING or Google instead.
Robert Aldwinckle

Details: i have 25 dollar but i cant by gem on clash of clansgame when i want to buy gem this massage appear (your purchase could not be completed contract i tune store support to complete this transaction please help me to solve

Details:
i have 15 dollar but i cant by gem on clash of clansgame
when i want to buy gem this massage appear (your purchase could not be completed contract i tune store support to complete this transaction
please help me to solve problem

You will want to contact iTunes Store Support from expresslane.apple.com or call Apple Care to see whats wrong with your billing information or why its being blocked.

Hi, For no apparent reason my phone stopped working...so I did a reset and got the message 'Restore Needed'. I connected to iTunes and got this message: 'iTunes could not connect to the iPhone because it is locked with a passcode. You must enter your pas

Hi,
For no apparent reason my phone stopped working...so I did a reset and got the message 'Restore Needed'. I connected to iTunes and got this message: 'iTunes could not connect to the iPhone because it is locked with a passcode. You must enter your passcode on your iPhone before it can be used with iTunes'.
The problem is, I can't enter my passcode because I'm not given that option on the iPhone. All I seem to be able to do is make an emergency call.
It's been working fine otherwise. Any suggestions?
This is the SECOND replacement iPhone I've had this week and I'm getting a bit fed up.
Thanks in advance for any help,

Are you referring to the 4 digit passcode needed to enter the phone and use it's features?
If so reboot your iPhone and enter the passcode to get it operational. Launch Image Capture on the Mac and connect the iPhone. Now you should be able to download the video files to wherever you want on your hard drive.
OT

The SCEP server returned an invalid response.

Hello
We are trying to enroll iPhone 3GS device with iOS 4.1 to be used with MDM. For SCEP server we use MSCEP in Windows Server 2008. We can't get over "Enrolling Certificate" step because it always fails with message "The SCEP server returned an invalid response.". How can we get more details? Analyzing captured HTTP stream revealed no issues.
Thanks in advance for any help.
frustrated Martin

We are testing in LAN and have configured our router to translate some domains to our local IPs. Could this be a problem? In payloads there are no IP addresses but these local domains.
It looks CA is issued the certificate, you might seen that from cert manger console. I don't see any obvious reason why cert got rejected by iPhone. (May be some one experts from apple can find from following dump) Anyway I suggest following option to you.
1) try with http if you are using https
2) install CA cert to phone and try again
3) check time between server and phone
4) try to change default scep issue template to issue 2048 key.
5) double check finger print(in SCEP profile) you config with ca cert.
Followings are SCEP PKI Message dump:
PKCS7 Message:
CMSG_SIGNED(2)
CMSGSIGNED_DATA_PKCS_1_5VERSION(1)
Content Type: 1.2.840.113549.1.7.1 PKCS 7 Data
PKCS7 Message Content:
================ Begin Nesting Level 1 ================
PKCS7 Message:
CMSG_ENVELOPED(3)
CMSGENVELOPED_DATA_PKCS_1_5VERSION(0)
Content Type: 1.2.840.113549.1.7.1 PKCS 7 Data
Content Encryption Algorithm:
Algorithm ObjectId: 1.3.14.3.2.7 des
Algorithm Parameters:
04 08 ed 76 05 85 cc 10 e0 71
04 08 ed 76 05 85 cc 10 e0 71
PKCS7 Message Content:
0000 30 00 6d 16 ce 8c 77 04 cd e4 e0 3d 33 9c 86 84 0.m...w....=3...
0010 36 6c 1c 4c e7 32 b1 8b ae 12 74 1d 2b bf 5a 52 6l.L.2....t.+.ZR
0020 3d e2 34 8c e7 e5 cf 98 35 a3 fa e7 47 da 7e eb =.4.....5...G.~.
0030 02 dd 68 23 de 37 92 c6 91 3a 1e b5 1b 61 5f 98 ..h#.7...:...a_.
0040 50 d3 27 de b5 bf 61 93 b7 ac 54 c9 c6 16 d0 8c P.'...a...T.....
0050 89 2e 92 ba 6d 52 d7 de 80 98 ad 2d ce b0 5e 5a ....mR.....-..^Z
0060 79 b4 e2 6f 7b c6 e6 13 4b b7 f4 81 f5 45 d8 3d y..o{...K....E.=
0070 c7 29 7c ca 78 34 ff 47 dc d1 fc 21 8c aa 43 3a .)|.x4.G...!..C:
0080 29 52 15 60 fb 37 54 46 aa a9 11 98 ef af b5 58 )R.`.7TF.......X
0090 e0 21 4d 99 10 2b 00 b3 44 df d9 fa e3 df 98 5c .!M..+..D......\
00a0 69 06 f9 92 5c d5 a3 32 97 ed 9c 1b 19 55 be 57 i...\..2.....U.W
00b0 85 53 df 71 87 f1 8b 62 0e b8 f7 7d 6b 47 d4 99 .S.q...b...}kG..
00c0 c0 47 f9 bb 7e 57 76 4f 55 a8 59 de b2 77 88 cc .G..~WvOU.Y..w..
00d0 e5 a7 02 de af 44 3c fb ab b9 0d ee 87 78 66 a4 .....D<......xf.
00e0 aa bc 5f 3b 90 56 90 2b c9 0f de 46 05 9c ed 9b .._;.V.+...F....
00f0 b4 a1 64 f5 5e 57 a0 d5 75 46 da 35 1e 79 d9 79 ..d.^W..uF.5.y.y
0100 1c a9 35 d1 12 47 7a de 99 d6 cc b8 a8 71 1c 72 ..5..Gz......q.r
0110 f3 28 a0 1f 44 62 8d 17 23 c1 8e 2c a1 19 3d 57 .(..Db..#..,..=W
0120 4b 12 ac 81 d2 14 6f da 67 47 25 32 05 1f 2b c3 K.....o.gG%2..+.
0130 1d 7d 2c 97 95 1b ee 6e f2 b5 36 7f 69 ea f4 c0 .},....n..6.i...
0140 b5 88 61 f7 26 db 44 13 6c ef da 8d 78 6c bd c3 ..a.&.D.l...xl..
0150 6e 45 41 7b 79 d3 92 c8 5e fd b0 1d 9c 0e ea ee nEA{y...^.......
0160 98 58 6b a8 5f c3 f4 90 16 87 9a 49 c6 99 9b fe .Xk._......I....
0170 0c d8 0a 45 ce 4e 28 59 cf 43 b1 f9 c4 d5 3b e2 ...E.N(Y.C....;.
0180 70 69 c8 ca 0e 16 2f ff 7a 3e 76 d6 dd 7e e9 86 pi..../.z>v..~..
0190 13 a3 8b 66 f8 92 6e f1 84 9b 2d 8c 89 ab d7 3a ...f..n...-....:
01a0 e9 ca 08 2a 68 76 ed f3 70 ac 52 e7 e6 7e b1 28 ...*hv..p.R..~.(
01b0 9e 0b 5d 8b 09 54 a7 60 9b 7c 4b 0d 94 76 55 0e ..]..T.`.|K..vU.
No Signer
Recipient Count: 1
Recipient Info[0]:
CMSGKEY_TRANSRECIPIENT(1)
CERTID_ISSUER_SERIALNUMBER(1)
Serial Number: 61047aca000000000003
Issuer:
CN=WIN2008SCEP-CA
No Certificates
No CRLs
---------------- End Nesting Level 1 ----------------
Signer Count: 1
Signing Certificate Index: 0
dwFlags = CAVERIFY_FLAGS_CONSOLETRACE (0x20000000)
dwFlags = CAVERIFY_FLAGS_DUMPCHAIN (0x40000000)
ChainFlags = CERTCHAIN_REVOCATION_CHECK_CHAIN_EXCLUDEROOT (0x40000000)
HCCELOCALMACHINE
CERTCHAIN_POLICYBASE
-------- CERTCHAINCONTEXT --------
ChainContext.dwInfoStatus = CERTTRUST_HAS_PREFERREDISSUER (0x100)
ChainContext.dwErrorStatus = CERTTRUST_IS_UNTRUSTEDROOT (0x20)
SimpleChain.dwInfoStatus = CERTTRUST_HAS_PREFERREDISSUER (0x100)
SimpleChain.dwErrorStatus = CERTTRUST_IS_UNTRUSTEDROOT (0x20)
CertContext[0][0]: dwInfoStatus=10c dwErrorStatus=20
Issuer: CN=14EED8E8-BD0C-4CD9-990D-44A99B7DC6BC
NotBefore: 10/26/2010 1:14 AM
NotAfter: 10/26/2011 1:14 AM
Subject: CN=14EED8E8-BD0C-4CD9-990D-44A99B7DC6BC
Serial: 01
11 b2 27 ec d3 e5 81 d7 35 f4 a2 fd 82 24 7e a4 c2 e3 3b 9c
Element.dwInfoStatus = CERTTRUST_HAS_NAME_MATCHISSUER (0x4)
Element.dwInfoStatus = CERTTRUST_IS_SELFSIGNED (0x8)
Element.dwInfoStatus = CERTTRUST_HAS_PREFERREDISSUER (0x100)
Element.dwErrorStatus = CERTTRUST_IS_UNTRUSTEDROOT (0x20)
Exclude leaf cert:
da 39 a3 ee 5e 6b 4b 0d 32 55 bf ef 95 60 18 90 af d8 07 09
Full chain:
11 b2 27 ec d3 e5 81 d7 35 f4 a2 fd 82 24 7e a4 c2 e3 3b 9c
Issuer: CN=14EED8E8-BD0C-4CD9-990D-44A99B7DC6BC
NotBefore: 10/26/2010 1:14 AM
NotAfter: 10/26/2011 1:14 AM
Subject: CN=14EED8E8-BD0C-4CD9-990D-44A99B7DC6BC
Serial: 01
11 b2 27 ec d3 e5 81 d7 35 f4 a2 fd 82 24 7e a4 c2 e3 3b 9c
A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider. 0x800b01
09 (-2146762487)
Verifies against UNTRUSTED root
Signer Info[0]:
Signature matches Public Key
CMSGSIGNER_INFO_PKCS_1_5VERSION(1)
CERTID_ISSUER_SERIALNUMBER(1)
Serial Number: 01
Issuer:
CN=14EED8E8-BD0C-4CD9-990D-44A99B7DC6BC
Subject:
CN=14EED8E8-BD0C-4CD9-990D-44A99B7DC6BC
Hash Algorithm:
Algorithm ObjectId: 1.2.840.113549.2.5 md5 (md5NoSign)
Algorithm Parameters: NULL
Encrypted Hash Algorithm:
Algorithm ObjectId: 1.2.840.113549.1.1.1 RSA
Algorithm Parameters: NULL
Encrypted Hash:
0000 2a 49 b0 b9 6e a0 0b f3 db 14 7d 0d f9 fd 89 25
0010 b1 fe ad 44 6b 79 c5 31 1a 70 a0 71 d3 bf 22 07
0020 b5 e3 5b 37 cd ee 63 9a 5b ed 85 d5 d8 fb 44 51
0030 5c 80 a4 cf 53 78 f0 b4 b7 63 57 fa f1 f9 9d 5d
0040 fb 4f 22 c7 f4 fb 34 65 1a e2 b1 cd ea b0 45 ab
0050 af ca 09 bf da 92 ea eb 10 3f 04 e5 2c a3 ae 34
0060 9a a1 50 67 27 a0 c5 aa d5 29 45 71 40 d1 73 cb
0070 53 69 5d fa 14 1d db b8 df a2 13 20 e6 da 7a 16
Authenticated Attributes[0]:
6 attributes:
Attribute[0]: 2.16.840.1.113733.1.9.2
Value[0][0]:
Unknown Attribute type
0000 13 02 31 39 ..19
0000: 13 02 ; PRINTABLE_STRING (2 Bytes)
0002: 31 39 ; 19
; "19"
Attribute[1]: 1.2.840.113549.1.9.3 (Content Type)
Value[1][0]:
Unknown Attribute type
1.2.840.113549.1.7.1 PKCS 7 Data
0000 06 09 2a 86 48 86 f7 0d 01 07 01 ..*.H......
0000: 06 09 ; OBJECT_ID (9 Bytes)
0002: 2a 86 48 86 f7 0d 01 07 01
; 1.2.840.113549.1.7.1 PKCS 7 Data
Attribute[2]: 1.2.840.113549.1.9.5 (Signing Time)
Value[2][0]:
Unknown Attribute type
Signing Time: 10/26/2010 1:14 AM
0000 17 0d 31 30 31 30 32 36 30 38 31 34 32 39 5a ..101026081429Z
0000: 17 0d ; UTC_TIME (d Bytes)
0002: 31 30 31 30 32 36 30 38 31 34 32 39 5a ; 101026081429Z
; 10/26/2010 1:14 AM
Attribute[3]: 1.2.840.113549.1.9.4 (Message Digest)
Value[3][0]:
Unknown Attribute type
Message Digest:
c3 01 9e 56 65 b3 08 20 d4 22 f3 73 1a 3a 06 b7
0000 04 10 c3 01 9e 56 65 b3 08 20 d4 22 f3 73 1a 3a .....Ve.. .".s.:
0010 06 b7 ..
0000: 04 10 ; OCTET_STRING (10 Bytes)
0002: c3 01 9e 56 65 b3 08 20 d4 22 f3 73 1a 3a 06 b7 ; ...Ve.. .".s.:..
Attribute[4]: 2.16.840.1.113733.1.9.5
Value[4][0]:
Unknown Attribute type
0000 04 10 91 73 92 a0 d5 02 e3 89 2c 2c ab 31 dc 35 ...s......,,.1.5
0010 78 69 xi
0000: 04 10 ; OCTET_STRING (10 Bytes)
0002: 91 73 92 a0 d5 02 e3 89 2c 2c ab 31 dc 35 78 69 ; .s......,,.1.5xi
Attribute[5]: 2.16.840.1.113733.1.9.7
Value[5][0]:
Unknown Attribute type
0000 13 28 30 38 34 34 36 44 45 31 44 45 37 42 31 41 .(08446DE1DE7B1A
0010 32 45 38 36 30 33 44 36 43 33 45 42 38 44 33 43 2E8603D6C3EB8D3C
0020 38 30 44 41 36 30 31 38 31 30 80DA601810
0000: 13 28 ; PRINTABLE_STRING (28 Bytes)
0002: 30 38 34 34 36 44 45 31 44 45 37 42 31 41 32 45 ; 08446DE1DE7B1A2E
0012: 38 36 30 33 44 36 43 33 45 42 38 44 33 43 38 30 ; 8603D6C3EB8D3C80
0022: 44 41 36 30 31 38 31 30 ; DA601810
; "08446DE1DE7B1A2E8603D6C3EB8D3C80DA601810"
Unauthenticated Attributes[0]:
0 attributes:
Computed Hash: 24 92 3c f9 15 fb 4d ad f8 dc f9 08 d3 6c 7d 79
No Recipient
Certificates:
================ Begin Nesting Level 1 ================
Element 0:
X509 Certificate:
Version: 3
Serial Number: 01
01
Signature Algorithm:
Algorithm ObjectId: 1.2.840.113549.1.1.5 sha1RSA
Algorithm Parameters:
05 00
Issuer:
CN=14EED8E8-BD0C-4CD9-990D-44A99B7DC6BC
[0,0]: CERTRDN_PRINTABLESTRING, Length = 36 (36/64 Characters)
2.5.4.3 Common Name (CN)="14EED8E8-BD0C-4CD9-990D-44A99B7DC6BC"
31 34 45 45 44 38 45 38 2d 42 44 30 43 2d 34 43 14EED8E8-BD0C-4C
44 39 2d 39 39 30 44 2d 34 34 41 39 39 42 37 44 D9-990D-44A99B7D
43 36 42 43 C6BC
31 00 34 00 45 00 45 00 44 00 38 00 45 00 38 00 1.4.E.E.D.8.E.8.
2d 00 42 00 44 00 30 00 43 00 2d 00 34 00 43 00 -.B.D.0.C.-.4.C.
44 00 39 00 2d 00 39 00 39 00 30 00 44 00 2d 00 D.9.-.9.9.0.D.-.
34 00 34 00 41 00 39 00 39 00 42 00 37 00 44 00 4.4.A.9.9.B.7.D.
43 00 36 00 42 00 43 00 C.6.B.C.
NotBefore: 10/26/2010 1:14 AM
NotAfter: 10/26/2011 1:14 AM
Subject:
CN=14EED8E8-BD0C-4CD9-990D-44A99B7DC6BC
[0,0]: CERTRDN_PRINTABLESTRING, Length = 36 (36/64 Characters)
2.5.4.3 Common Name (CN)="14EED8E8-BD0C-4CD9-990D-44A99B7DC6BC"
31 34 45 45 44 38 45 38 2d 42 44 30 43 2d 34 43 14EED8E8-BD0C-4C
44 39 2d 39 39 30 44 2d 34 34 41 39 39 42 37 44 D9-990D-44A99B7D
43 36 42 43 C6BC
31 00 34 00 45 00 45 00 44 00 38 00 45 00 38 00 1.4.E.E.D.8.E.8.
2d 00 42 00 44 00 30 00 43 00 2d 00 34 00 43 00 -.B.D.0.C.-.4.C.
44 00 39 00 2d 00 39 00 39 00 30 00 44 00 2d 00 D.9.-.9.9.0.D.-.
34 00 34 00 41 00 39 00 39 00 42 00 37 00 44 00 4.4.A.9.9.B.7.D.
43 00 36 00 42 00 43 00 C.6.B.C.
Public Key Algorithm:
Algorithm ObjectId: 1.2.840.113549.1.1.1 RSA (RSA_SIGN)
Algorithm Parameters:
05 00
Public Key Length: 1024 bits
Public Key: UnusedBits = 0
0000 30 81 88 02 81 80 7c 9f 78 02 50 de 9c 86 88 5b
0010 9d 4e af cb 70 5e c9 a8 a9 7b 53 c6 29 7b ae 90
0020 28 92 10 9a af 03 09 da b7 01 a1 15 19 ee 22 35
0030 f4 45 5d 5a 5b 60 7c ef 98 5b 2d 47 b9 d7 78 c0
0040 cd 78 1c 63 dd 81 4a b7 d9 6e 2e e8 f4 9d 52 2c
0050 3a c5 fb c3 d8 9a 6b ef 49 5c fa 53 07 88 c0 e3
0060 98 a7 88 18 79 41 da f4 33 08 3c 57 a6 f0 5e 4e
0070 04 c6 8c e6 25 56 70 17 ae 38 49 c2 fd 37 7a 2b
0080 78 1f 7d 35 12 19 02 03 01 00 01
Certificate Extensions: 1
2.5.29.15: Flags = 1(Critical), Length = 4
Key Usage
Digital Signature, Key Encipherment (a0)
0000 03 02 05 a0 ....
0000: 03 02 ; BIT_STRING (2 Bytes)
0002: 05
0003: a0
Signature Algorithm:
Algorithm ObjectId: 1.2.840.113549.1.1.5 sha1RSA
Algorithm Parameters:
05 00
Signature: UnusedBits=0
0000 40 c0 34 02 4c 6d 59 4d 43 21 90 d4 43 e0 69 3b
0010 83 dc e8 5d b0 9b c9 4f 50 6e 7c a3 8c fb e9 0b
0020 99 21 40 27 e8 99 f6 83 2d 6a 79 03 c5 a7 2c 0b
0030 f3 d7 5a 7c 45 2c 7d af 13 a1 02 e7 3a d4 0c 41
0040 4f b6 42 b9 c9 d3 ec f0 33 a9 92 cf 0b ba d4 46
0050 b0 04 b6 99 a4 c1 92 c2 3b 3c 1e d9 e4 ed 09 ca
0060 27 c3 74 ba 68 93 a9 65 a3 7a 1a 4e c3 a5 51 f6
0070 8e 06 94 76 b4 c3 af 55 0f 7b b5 05 36 55 fd 1e
Signature matches Public Key
Root Certificate: Subject matches Issuer
Key Id Hash(rfc-sha1): 08 44 6d e1 de 7b 1a 2e 86 03 d6 c3 eb 8d 3c 80 da 60 18 10
Key Id Hash(sha1): 21 cd df fe 7c 70 f9 0d 38 cd f5 30 e9 62 3f 7d 8a 7c bf 8b
Cert Hash(md5): 6e 8e c8 90 f7 e5 a6 0d a4 e3 4c 4f 38 28 75 1b
Cert Hash(sha1): 11 b2 27 ec d3 e5 81 d7 35 f4 a2 fd 82 24 7e a4 c2 e3 3b 9c
---------------- End Nesting Level 1 ----------------
No CRLs

IOS Mobile Device Management - The SCEP server returned an invalid response

I am in the process of writing an open source iOS mobile device management module in Java. For this I am referring the Apple provided Ruby code at [1]. I have set this up and it works fine for me. Now I need to convert this code to Java. So far I have accomplished to do that up to PKIOperation. In the PKI operation I get "The SCEP server returned an invalid response" which I believe is due to wrong response I sent to device upon PKIOperation.
However when I do search on the internet I get this is something to do with the "maxHttpHeaderSize" as I am using the server as Apache Tomcat. Although I increase that since still it does not get resolved.
Here is the code I need to convert - taken from Apple provided Ruby script
if query['operation'] == "PKIOperation"
    p7sign = OpenSSL::PKCS7::PKCS7.new(req.body)
    store = OpenSSL::X509::Store.new
    p7sign.verify(nil, store, nil, OpenSSL::PKCS7::NOVERIFY)
    signers = p7sign.signers
    p7enc = OpenSSL::PKCS7::PKCS7.new(p7sign.data)
    csr = p7enc.decrypt(@@ra_key, @@ra_cert)
    cert = issueCert(csr, 1)
    degenerate_pkcs7 = OpenSSL::PKCS7::PKCS7.new()
    degenerate_pkcs7.type="signed"
    degenerate_pkcs7.certificates=[cert]
    enc_cert = OpenSSL::PKCS7.encrypt(p7sign.certificates, degenerate_pkcs7.to_der,
        OpenSSL::Cipher::Cipher::new("des-ede3-cbc"), OpenSSL::PKCS7::BINARY)
    reply = OpenSSL::PKCS7.sign(@@ra_cert, @@ra_key, enc_cert.to_der, [], OpenSSL::PKCS7::BINARY)
    res['Content-Type'] = "application/x-pki-message"
    res.body = reply.to_der
end
So this is how I written this in Java using Bouncycastle library.
X509Certificate generatedCertificate = generateCertificateFromCSR(
                privateKeyCA, certRequest, certCA.getIssuerX500Principal()
                        .getName());
        CMSTypedData msg = new CMSProcessableByteArray(
                generatedCertificate.getEncoded());
        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
        edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(
                receivedCert).setProvider(AppConfigurations.PROVIDER));
        CMSEnvelopedData envelopedData = edGen
                .generate(
                        msg,
                        new JceCMSContentEncryptorBuilder(
                                CMSAlgorithm.DES_EDE3_CBC).setProvider(
                                AppConfigurations.PROVIDER).build());
        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
        ContentSigner sha1Signer = new JcaContentSignerBuilder(
                AppConfigurations.SIGNATUREALGO).setProvider(
                AppConfigurations.PROVIDER).build(privateKeyRA);
        List<X509Certificate> certList = new ArrayList<X509Certificate>();
        CMSTypedData cmsByteArray = new CMSProcessableByteArray(
                envelopedData.getEncoded());
        certList.add(certRA);
        Store certs = new JcaCertStore(certList);
        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(
                new JcaDigestCalculatorProviderBuilder().setProvider(
                        AppConfigurations.PROVIDER).build()).build(
                sha1Signer, certRA));
        gen.addCertificates(certs);
        CMSSignedData sigData = gen.generate(cmsByteArray, true);
        return sigData.getEncoded();
The returned result here will be output in to the servlet output stream with the content type "application/x-pki-message".
It seems I get the CSR properly and I generate the X509Certificate using following code.
public static X509Certificate generateCertificateFromCSR(
        PrivateKey privateKey, PKCS10CertificationRequest request,
        String issueSubject) throws Exception {
    Calendar targetDate1 = Calendar.getInstance();
    targetDate1.setTime(new Date());
    targetDate1.add(Calendar.DAY_OF_MONTH, -1);
    Calendar targetDate2 = Calendar.getInstance();
    targetDate2.setTime(new Date());
    targetDate2.add(Calendar.YEAR, 2);
    // yesterday
    Date validityBeginDate = targetDate1.getTime();
    // in 2 years
    Date validityEndDate = targetDate2.getTime();
    X509v3CertificateBuilder certGen = new X509v3CertificateBuilder(
            new X500Name(issueSubject), BigInteger.valueOf(System
                    .currentTimeMillis()), validityBeginDate,
            validityEndDate, request.getSubject(),
            request.getSubjectPublicKeyInfo());
    certGen.addExtension(X509Extension.keyUsage, true, new KeyUsage(
            KeyUsage.digitalSignature | KeyUsage.keyEncipherment));
    ContentSigner sigGen = new JcaContentSignerBuilder(
            AppConfigurations.SHA256_RSA).setProvider(
            AppConfigurations.PROVIDER).build(privateKey);
    X509Certificate issuedCert = new JcaX509CertificateConverter()
            .setProvider(AppConfigurations.PROVIDER).getCertificate(
                    certGen.build(sigGen));
    return issuedCert;
The generated certificate commonn name is,
Common Name: mdm(88094024-2372-4c9f-9c87-fa814011c525)
Issuer: mycompany Root CA (93a7d1a0-130b-42b8-bbd6-728f7c1837cf), None
[1] - https://developer.apple.com/library/ios/documentation/NetworkingInternet/Concept ual/iPhoneOTAConfiguration/Introduction/Introduction.html

I am in the process of writing an open source iOS mobile device management module in Java. For this I am referring the Apple provided Ruby code at [1]. I have set this up and it works fine for me. Now I need to convert this code to Java. So far I have accomplished to do that up to PKIOperation. In the PKI operation I get "The SCEP server returned an invalid response" which I believe is due to wrong response I sent to device upon PKIOperation.
However when I do search on the internet I get this is something to do with the "maxHttpHeaderSize" as I am using the server as Apache Tomcat. Although I increase that since still it does not get resolved.
Here is the code I need to convert - taken from Apple provided Ruby script
if query['operation'] == "PKIOperation"
    p7sign = OpenSSL::PKCS7::PKCS7.new(req.body)
    store = OpenSSL::X509::Store.new
    p7sign.verify(nil, store, nil, OpenSSL::PKCS7::NOVERIFY)
    signers = p7sign.signers
    p7enc = OpenSSL::PKCS7::PKCS7.new(p7sign.data)
    csr = p7enc.decrypt(@@ra_key, @@ra_cert)
    cert = issueCert(csr, 1)
    degenerate_pkcs7 = OpenSSL::PKCS7::PKCS7.new()
    degenerate_pkcs7.type="signed"
    degenerate_pkcs7.certificates=[cert]
    enc_cert = OpenSSL::PKCS7.encrypt(p7sign.certificates, degenerate_pkcs7.to_der,
        OpenSSL::Cipher::Cipher::new("des-ede3-cbc"), OpenSSL::PKCS7::BINARY)
    reply = OpenSSL::PKCS7.sign(@@ra_cert, @@ra_key, enc_cert.to_der, [], OpenSSL::PKCS7::BINARY)
    res['Content-Type'] = "application/x-pki-message"
    res.body = reply.to_der
end
So this is how I written this in Java using Bouncycastle library.
X509Certificate generatedCertificate = generateCertificateFromCSR(
                privateKeyCA, certRequest, certCA.getIssuerX500Principal()
                        .getName());
        CMSTypedData msg = new CMSProcessableByteArray(
                generatedCertificate.getEncoded());
        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
        edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(
                receivedCert).setProvider(AppConfigurations.PROVIDER));
        CMSEnvelopedData envelopedData = edGen
                .generate(
                        msg,
                        new JceCMSContentEncryptorBuilder(
                                CMSAlgorithm.DES_EDE3_CBC).setProvider(
                                AppConfigurations.PROVIDER).build());
        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
        ContentSigner sha1Signer = new JcaContentSignerBuilder(
                AppConfigurations.SIGNATUREALGO).setProvider(
                AppConfigurations.PROVIDER).build(privateKeyRA);
        List<X509Certificate> certList = new ArrayList<X509Certificate>();
        CMSTypedData cmsByteArray = new CMSProcessableByteArray(
                envelopedData.getEncoded());
        certList.add(certRA);
        Store certs = new JcaCertStore(certList);
        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(
                new JcaDigestCalculatorProviderBuilder().setProvider(
                        AppConfigurations.PROVIDER).build()).build(
                sha1Signer, certRA));
        gen.addCertificates(certs);
        CMSSignedData sigData = gen.generate(cmsByteArray, true);
        return sigData.getEncoded();
The returned result here will be output in to the servlet output stream with the content type "application/x-pki-message".
It seems I get the CSR properly and I generate the X509Certificate using following code.
public static X509Certificate generateCertificateFromCSR(
        PrivateKey privateKey, PKCS10CertificationRequest request,
        String issueSubject) throws Exception {
    Calendar targetDate1 = Calendar.getInstance();
    targetDate1.setTime(new Date());
    targetDate1.add(Calendar.DAY_OF_MONTH, -1);
    Calendar targetDate2 = Calendar.getInstance();
    targetDate2.setTime(new Date());
    targetDate2.add(Calendar.YEAR, 2);
    // yesterday
    Date validityBeginDate = targetDate1.getTime();
    // in 2 years
    Date validityEndDate = targetDate2.getTime();
    X509v3CertificateBuilder certGen = new X509v3CertificateBuilder(
            new X500Name(issueSubject), BigInteger.valueOf(System
                    .currentTimeMillis()), validityBeginDate,
            validityEndDate, request.getSubject(),
            request.getSubjectPublicKeyInfo());
    certGen.addExtension(X509Extension.keyUsage, true, new KeyUsage(
            KeyUsage.digitalSignature | KeyUsage.keyEncipherment));
    ContentSigner sigGen = new JcaContentSignerBuilder(
            AppConfigurations.SHA256_RSA).setProvider(
            AppConfigurations.PROVIDER).build(privateKey);
    X509Certificate issuedCert = new JcaX509CertificateConverter()
            .setProvider(AppConfigurations.PROVIDER).getCertificate(
                    certGen.build(sigGen));
    return issuedCert;
The generated certificate commonn name is,
Common Name: mdm(88094024-2372-4c9f-9c87-fa814011c525)
Issuer: mycompany Root CA (93a7d1a0-130b-42b8-bbd6-728f7c1837cf), None
[1] - https://developer.apple.com/library/ios/documentation/NetworkingInternet/Concept ual/iPhoneOTAConfiguration/Introduction/Introduction.html

ISE BYOD Microsoft SCEP NDES 802.1x The SCEP server returned an invalid response

Hello,
Using ISE 1.2 with WLC and on-boarding with single SSID. On occasion the error 'The SCEP server returned an invalid response' is received on the IPHONE being on-boarded - this is intermittent. The issue resolves itself in time. Any ideas on troubleshooting? tnks

On the NDES server regedit EnforcePassword = 0 and still having issues.
This has been done as well;
It is possible for ISE to generate URLs that are too long for the IIS web server. In order to avoid this problem, the default IIS configuration can be modified to allow for longer URLs. Enter this command from the NDES server CLI:
%systemroot%\system32\inetsrv\appcmd.exe set config /section:system.webServer/
security/requestFiltering /requestLimits.maxQueryString:"8192" /commit:apphost

HI I did not (nor did anyone in my household)purchace this app how can I get a refund? My ipod touch is a 3rd gen.so it does not have a camera. I did buy a camera app one day last week only to find I could not use it. This particular purchace was $1.98.

HI,
I did not (nor did anyone in my household)purchace this app how can I get a refund? My ipod touch is a 3rd gen.so it does not have a camera. I did buy a camera app one day last week only to find I could not use it. This particular purchace was $1.98.

You can try contacting apple customer service http://www.apple.com/contact but usually all app purchases are final and not refundable.

In the middle of the installation processing, this has appeared: "There is a problem with the windows installer package. A program is required for this install to complete could not be run." my question is, what is that specific program?

in the middle of the installation processing, this has appeared: "There is a problem with the windows installer package. A program is required for this install to complete could not be run." my question is, what is that specific program?

Let's try the following user tip with that one:
"There is a problem with this Windows Installer package ..." error messages when installing iTunes for Windows

HT201363 When I sign in to my Apple ID in "My Apple ID" and go to "Passwod and Security" I should answer the security questions but I don't remeber them and the bar that says "send to rescue email" doesn't show !! How could I recover the questions??

When I sign in to my Apple ID in "My Apple ID" and go to "Passwod and Security" I should answer the security questions but I don't remeber them and the bar that says "send to rescue email" doesn't show !! How could I recover the questions??

You will have to contact iTunes Support and tell them you have forgotten your Security Questions and need them reset. They will respond to you by email, usually within 24 hours. Here are two links to contact iTunes Support:
http://www.apple.com/support/itunes/ww/
or by email:
http://www.apple.com/emea/support/itunes/contact.html
Cheers,
GB

Running headless not solving problem with X11 connectivity error

I'm having a variation on a problem referenced in quite a few places, but I don't seem to be getting any closer to a solution.
I'm running a stand-alone, console-only application that uses javax.swing.text.html.HTMLEditorKit to return plain text from HTML for use in multi-part e-mails. That class is causing the following error when running on the Unix server:
java.lang.InternalError: Can't connect to X11 window server using ':0.0' as the value of the DISPLAY variable.
at sun.awt.X11GraphicsEnvironment.initDisplay(Native Method)
at sun.awt.X11GraphicsEnvironment.<clinit>(X11GraphicsEnvironment.java:175)
at java.lang.Class.forName1(Native Method)
at java.lang.Class.forName(Class.java:180)
at java.awt.GraphicsEnvironment.getLocalGraphicsEnvironment(GraphicsEnvironment.java:91)
at sun.awt.motif.MToolkit.<clinit>(MToolkit.java:124)
at java.lang.Class.forName1(Native Method)
at java.lang.Class.forName(Class.java:180)
at java.awt.Toolkit$2.run(Toolkit.java:796)
at java.security.AccessController.doPrivileged1(Native Method)
at java.security.AccessController.doPrivileged(AccessController.java(Compiled Code))
at java.awt.Toolkit.getDefaultToolkit(Toolkit.java:787)
at java.awt.Toolkit.getEventQueue(Toolkit.java:1572)
at java.awt.EventQueue.isDispatchThread(EventQueue.java:731)
at javax.swing.SwingUtilities.isEventDispatchThread(SwingUtilities.java:1269)
at javax.swing.text.StyleContext.reclaim(StyleContext.java:448)
at javax.swing.text.StyleContext.addAttribute(StyleContext.java:305)
at javax.swing.text.html.StyleSheet.addAttribute(StyleSheet.java:568)
at javax.swing.text.StyleContext$NamedStyle.addAttribute(StyleContext.java:1497)
at javax.swing.text.StyleContext$NamedStyle.setName(StyleContext.java:1307)
at javax.swing.text.StyleContext$NamedStyle.<init>(StyleContext.java:1255)
at javax.swing.text.StyleContext.addStyle(StyleContext.java:117)
at javax.swing.text.StyleContext.<init>(StyleContext.java:97)
at javax.swing.text.html.StyleSheet.<init>(StyleSheet.java:177)
at javax.swing.text.html.HTMLEditorKit.getStyleSheet(HTMLEditorKit.java:387)
at javax.swing.text.html.HTMLEditorKit.createDefaultDocument(HTMLEditorKit.java:218)
I don't have the option of starting an X11 service on this server, so I have to find another way around.
I'm using Java 1.4.2, so my understanding is that headless mode should solve this problem for me. I've tried adding the statement
System.setProperty("java.awt.headless","true");
to the code with no avail, and tried running it with the option "-Djava.awt.headless=true" from the command line, also with no luck.
Is anyone able to give me a tip on what other course of action I can try?

Thanks, but I'm not sure what you mean. I don't know that I have access to "the source of X11GraphicsEnvironment" and I'm not confident I could locate and solve the problem if I did.
I'm a little puzzled that it's not working in headless mode, because everything that my searching turned up indicated that it worked fine in 1.4.2 unless heavyweight components were used, which they aren't.

I can not open folders from my documents. it closes with notice Could not complete your request because of a program error.

I am trying to open files with Photoshop and I get an error message
Could not complete your request because of a program error.
I have tried to open inmany directions still I get this notice
Could not complete your request because of a program error.
It started when I upgraded to Marverick

Can you open the files in the Finder?

HT201210 Have new iphone and was trying to retrieve data from itumes. Got message saying it could not be updated and "an unknown error occured." What do I do now. Phone not working, has symbol of itunes and plug, that's it. Help. I'm in tears

Cannot finish updating new replacement iphone on iTunes. Get message "unknown error occured" - and phone now doing nothing. Am beyond frustrated. Help.

is there a number after the "unknown error"
if so check this list for tips
http://support.apple.com/kb/TS3694
Thanks Clyde

Changed setting to no proxy but not solved problem Proxy Error The proxy server received an invalid response from an upstream server. The proxy server could not handle the request GET /iam/services/setContext. Reason: Error reading from remote server

Similar Messages

Maybe you are looking for