Security certificate issue for Provider Hosted App (SP Online)

Hi all,
I am having a hard time with SP Online debugging a basic provider hosted app.
Steps I have taken to create the app:
 created a new provider hosted app in Visual Studio 2013 and setting my SP Online debugging site (wich works perfectly for SP hosted apps).
Chose Azure ACS option, although I do not have an Azure account
When I deploy the app I get to the page on my debugging site where I must choose "Trust It", but when I do I get the message that the Connection is Unsecure/unsafe:
 How can I fix this? Do I need to create an Azure account for debugging purposes already? Or is there another way to solve the problem?

Hi,
I understand that you get Security certificate issue for Provider Hosted App (SP Online).
Per my knowledge, you need to create an Azure account for debugging purposes.
To create a SharePoint 2013 app for Office 365 and publish it to an Azure web site, you can refer to:
http://blogs.msdn.com/b/kaevans/archive/2014/02/24/creating-a-sharepoint-2013-app-with-azure-web-sites.aspx
Best Regards,
Linda Li
Linda Li
TechNet Community Support

Similar Messages

  • Error occurred in deployment step 'Install app for SharePoint': Failed to install app for SharePoint. provider-hosted app sharepoint on premise

    Error occurred in deployment step 'Install app for SharePoint, ULS log as below:
    0x0BA8 SharePoint Foundation          App Deployment                 acjjg Medium   The current user has System.Threading.Thread.CurrentPrincipal.Identity.Name
    = 0#.w|perf\abraham.lincoln, System.Security.Principal.WindowsIdentity.GetCurrent().Name = NT AUTHORITY\IUSR, System.Web.HttpContext.Current.User.Identity.Name = 0#.w|perf\abraham.lincoln. dcf1d59c-94c5-5071-47bf-07cd3f2ead95
    12/14/2014 23:54:27.39  w3wp.exe (0x2170)                        0x0BA8 SharePoint Foundation        
     App Deployment                 ag8d6 Medium   SPApp: CreateAppUsingPackageMetadata: isCabStream is false. Treating the stream as a ZIP. dcf1d59c-94c5-5071-47bf-07cd3f2ead95
    12/14/2014 23:54:27.39  w3wp.exe (0x2170)                        0x0BA8 SharePoint Foundation        
     App Deployment                 ahkn9 High     Deleting App with fingerprint TJQrYuD5N+kEe38LZtl6wSs3Ak3yYvWcmwuNLTqtpdFzb4qSMopN3SWCRdWvntrKoM7qIS2S2llpA5omi8iHqQ==
    on site 264dc389-d394-4985-a43c-ad91a383c0df dcf1d59c-94c5-5071-47bf-07cd3f2ead95
    12/14/2014 23:54:27.39  w3wp.exe (0x2170)                        0x0BA8 SharePoint Foundation        
     App Deployment                 ahkob High     The App with fingerprint TJQrYuD5N+kEe38LZtl6wSs3Ak3yYvWcmwuNLTqtpdFzb4qSMopN3SWCRdWvntrKoM7qIS2S2llpA5omi8iHqQ==
    on site 264dc389-d394-4985-a43c-ad91a383c0df was to be deleted, but it did not exist dcf1d59c-94c5-5071-47bf-07cd3f2ead95
    12/14/2014 23:54:27.41  w3wp.exe (0x2170)                        0x0BA8 SharePoint Foundation        
     App Deployment                 abnqa Medium   App Packaging: CreatePackage: There are 10 parts in the package.  There are 1 package-part relationships
    in the package. dcf1d59c-94c5-5071-47bf-07cd3f2ead95
    12/14/2014 23:54:27.41  w3wp.exe (0x2170)                        0x0BA8 SharePoint Foundation        
     App Deployment                 afyz6 Medium   SPAppResources: ParseResources: No default resource file was found. dcf1d59c-94c5-5071-47bf-07cd3f2ead95
    12/14/2014 23:54:27.41  w3wp.exe (0x2170)                        0x0BA8 SharePoint Foundation        
     App Deployment                 afyzx Medium   SPAppResources: ParseResources: no resource file relationships were found. dcf1d59c-94c5-5071-47bf-07cd3f2ead95
    12/14/2014 23:54:27.41  w3wp.exe (0x2170)                        0x0BA8 SharePoint Foundation        
     App Deployment                 aebgs Medium   SPPackageUtility: ExtractPart: Creating directory 'C:\Users\abraham.lincoln.PERF\AppData\Local\Temp\71345ca6-3565-43d8-9017-2d3336965d8f\extract' dcf1d59c-94c5-5071-47bf-07cd3f2ead95
    12/14/2014 23:54:27.41  w3wp.exe (0x2170)                        0x0BA8 SharePoint Foundation        
     App Deployment                 aebgt Medium   SPPackageUtility: ExtractPart: Creating file 'C:\Users\abraham.lincoln.PERF\AppData\Local\Temp\71345ca6-3565-43d8-9017-2d3336965d8f\extract\AppManifest.xml' dcf1d59c-94c5-5071-47bf-07cd3f2ead95
    12/14/2014 23:54:27.41  w3wp.exe (0x2170)                        0x0BA8 SharePoint Foundation        
     App Deployment                 ajddw Medium   SPPackageUtility: ExtractPart: Part stream length is '1072'. dcf1d59c-94c5-5071-47bf-07cd3f2ead95
    12/14/2014 23:54:27.41  w3wp.exe (0x2170)                        0x0BA8 SharePoint Foundation        
     App Deployment                 ajddz Medium   SPPackageUtility: ExtractPart: Length is '1072', not locking before copying the stream. dcf1d59c-94c5-5071-47bf-07cd3f2ead95
    12/14/2014 23:54:27.41  w3wp.exe (0x2170)                        0x0BA8 SharePoint Foundation        
     App Deployment                 aebgt Medium   SPPackageUtility: ExtractPart: Creating file 'C:\Users\abraham.lincoln.PERF\AppData\Local\Temp\71345ca6-3565-43d8-9017-2d3336965d8f\extract\AppIcon.png' dcf1d59c-94c5-5071-47bf-07cd3f2ead95
    12/14/2014 23:54:27.41  w3wp.exe (0x2170)                        0x0BA8 SharePoint Foundation        
     App Deployment                 ajddw Medium   SPPackageUtility: ExtractPart: Part stream length is '3540'. dcf1d59c-94c5-5071-47bf-07cd3f2ead95
    12/14/2014 23:54:27.41  w3wp.exe (0x2170)                        0x0BA8 SharePoint Foundation        
     App Deployment                 ajddz Medium   SPPackageUtility: ExtractPart: Length is '3540', not locking before copying the stream. dcf1d59c-94c5-5071-47bf-07cd3f2ead95
    12/14/2014 23:54:27.41  w3wp.exe (0x2170)                        0x0BA8 SharePoint Foundation        
     App Deployment                 aidi7 Medium   SPIconAppPartValidator: IsSupportedFormat: image raw format is 'b96b3caf-0728-11d3-9d7b-0000f81ef32e'. dcf1d59c-94c5-5071-47bf-07cd3f2ead95
    12/14/2014 23:54:27.42  w3wp.exe (0x2170)                        0x0BA8 SharePoint Foundation        
     App Deployment                 afyz6 Medium   SPAppResources: ParseResources: No default resource file was found. dcf1d59c-94c5-5071-47bf-07cd3f2ead95
    12/14/2014 23:54:27.42  w3wp.exe (0x2170)                        0x0BA8 SharePoint Foundation        
     App Deployment                 afyzx Medium   SPAppResources: ParseResources: no resource file relationships were found. dcf1d59c-94c5-5071-47bf-07cd3f2ead95
    12/14/2014 23:54:27.42  w3wp.exe (0x2170)                        0x0BA8 SharePoint Foundation        
     App Deployment                 aebgt Medium   SPPackageUtility: ExtractPart: Creating file 'C:\Users\abraham.lincoln.PERF\AppData\Local\Temp\71345ca6-3565-43d8-9017-2d3336965d8f\extract\featurecc1deab7-efdf-4cc2-80ae-60e073577d64.xml' dcf1d59c-94c5-5071-47bf-07cd3f2ead95
    12/14/2014 23:54:27.42  w3wp.exe (0x2170)                        0x0BA8 SharePoint Foundation        
     App Deployment                 ajddw Medium   SPPackageUtility: ExtractPart: Part stream length is '321'. dcf1d59c-94c5-5071-47bf-07cd3f2ead95
    12/14/2014 23:54:27.42  w3wp.exe (0x2170)                        0x0BA8 SharePoint Foundation        
     App Deployment                 ajddz Medium   SPPackageUtility: ExtractPart: Length is '321', not locking before copying the stream. dcf1d59c-94c5-5071-47bf-07cd3f2ead95
    12/14/2014 23:54:27.42  w3wp.exe (0x2170)                        0x0BA8 SharePoint Foundation        
     App Deployment                 aebgt Medium   SPPackageUtility: ExtractPart: Creating file 'C:\Users\abraham.lincoln.PERF\AppData\Local\Temp\71345ca6-3565-43d8-9017-2d3336965d8f\extract\elements4d87f314-4b0a-4b89-8a7e-9cb73c99f25f.xml' dcf1d59c-94c5-5071-47bf-07cd3f2ead95
    12/14/2014 23:54:27.42  w3wp.exe (0x2170)                        0x0BA8 SharePoint Foundation        
     App Deployment                 ajddw Medium   SPPackageUtility: ExtractPart: Part stream length is '849'. dcf1d59c-94c5-5071-47bf-07cd3f2ead95
    12/14/2014 23:54:27.42  w3wp.exe (0x2170)                        0x0BA8 SharePoint Foundation        
     App Deployment                 ajddz Medium   SPPackageUtility: ExtractPart: Length is '849', not locking before copying the stream. dcf1d59c-94c5-5071-47bf-07cd3f2ead95
    12/14/2014 23:54:27.42  w3wp.exe (0x2170)                        0x0BA8 SharePoint Foundation        
     App Deployment                 aerhy Medium   App Packaging - List of App Parts (count ='2'): Name='SPIconAppPart',Name='SPFeatureAppPart', dcf1d59c-94c5-5071-47bf-07cd3f2ead95
    12/14/2014 23:54:27.42  w3wp.exe (0x2170)                        0x0BA8 SharePoint Foundation        
     App Deployment                 aerhz Medium   App Packaging - List of Deployment Groups (count ='3'): Name='SPIconDeploymentGroup',Name='SPTargetWebDeploymentGroup',Name='SPQuickLaunchDeploymentGroup', dcf1d59c-94c5-5071-47bf-07cd3f2ead95
    12/14/2014 23:54:27.42  w3wp.exe (0x2170)                        0x0BA8 SharePoint Foundation        
     App Deployment                 mq71 Medium   Creating App with fingerprint TJQrYuD5N+kEe38LZtl6wSs3Ak3yYvWcmwuNLTqtpdFzb4qSMopN3SWCRdWvntrKoM7qIS2S2llpA5omi8iHqQ==
    to site 264dc389-d394-4985-a43c-ad91a383c0df. dcf1d59c-94c5-5071-47bf-07cd3f2ead95
    12/14/2014 23:54:27.44  w3wp.exe (0x2170)                        0x0BA8 SharePoint Foundation        
     App Deployment                 afpd2 Medium   Committing package with fingerprint TJQrYuD5N+kEe38LZtl6wSs3Ak3yYvWcmwuNLTqtpdFzb4qSMopN3SWCRdWvntrKoM7qIS2S2llpA5omi8iHqQ==
    and data length 8010 to site 264dc389-d394-4985-a43c-ad91a383c0df. dcf1d59c-94c5-5071-47bf-07cd3f2ead95
    12/14/2014 23:54:27.46  w3wp.exe (0x2170)                        0x0BA8 SharePoint Foundation        
     App Deployment                 ajk9e Medium   Writing 8010 bytes to database for app with fingerprint TJQrYuD5N+kEe38LZtl6wSs3Ak3yYvWcmwuNLTqtpdFzb4qSMopN3SWCRdWvntrKoM7qIS2S2llpA5omi8iHqQ== dcf1d59c-94c5-5071-47bf-07cd3f2ead95
    12/14/2014 23:54:27.50  w3wp.exe (0x2170)

    Hi Jerry,
    I agree with Nikhil, I think you have posted partial ULS log, we could not find effective errors for the issue.
    For Provider Hosted app in SharePoint server on-premise,
    the TokenHelper class will try to access your Azure Security Principle by default.
    Did you have a valid Azure account?
    If not, the issue may be caused that you don't have a valid account, to resolve this issue, you can use
    a valid Azure account or not going to use Azure Platform for hosting the app as the article
    below.
    http://pratapreddypilaka.blogspot.jp/2012/12/sharepoint-2013-avoiding-azure-on-dev.html
    Thanks,
    Jason
    Jason Guo
    TechNet Community Support

  • Provider-hosted app deployment error

    Hi,
    I am developing a provider-hosted app which programmatically adds the app part on Home page of the site. I wrote the code for adding the app part in App Installed event. It works fine when i debug it on my development site. Then i made a catalog site and
    deployed it there following the instructions in this blog. 
    http://blogs.msdn.com/b/russmax/archive/2014/06/26/part-2-intro-to-provider-hosted-apps-develop-package-and-deploy.aspx
    After deploying the app on app catalog, when i try to add the app, i get the following error.
    Log Name:      Application
    Source:        Microsoft-SharePoint Products-SharePoint Foundation
    Date:          3/18/2015 5:44:17 PM
    Event ID:      8311
    Task Category: Topology
    Level:         Error
    Keywords:      
    User:          SP\Administrator
    Computer:      SP2013.SP2013.LOCAL
    Description:
    An operation failed because the following certificate has validation errors:
    Subject Name: CN=SP2013.SP2013.LOCAL
    Issuer Name: CN=SP2013.SP2013.LOCAL
    Thumbprint: 9D3D48F8D7ED5AE4CB187BEB3319C3E65A36340C
    Errors:
     SSL policy errors have been encountered.  Error code '0x2'..
    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
      <System>
        <Provider Name="Microsoft-SharePoint Products-SharePoint Foundation" Guid="{6FB7E0CD-52E7-47DD-997A-241563931FC2}" />
        <EventID>8311</EventID>
        <Version>15</Version>
        <Level>2</Level>
        <Task>13</Task>
        <Opcode>0</Opcode>
        <Keywords>0x4000000000000000</Keywords>
        <TimeCreated SystemTime="2015-03-18T12:44:17.912561500Z" />
        <EventRecordID>24215803</EventRecordID>
        <Correlation ActivityID="{3A58A90C-2A9C-4128-A4CF-D07A9FEB48E8}" />
        <Execution ProcessID="980" ThreadID="688" />
        <Channel>Application</Channel>
        <Computer>SP2013.SP2013.LOCAL</Computer>
        <Security UserID="S-1-5-21-2707663415-3900761612-1761970234-500" />
      </System>
      <EventData>
        <Data Name="string0">CN=SP2013.SP2013.LOCAL</Data>
        <Data Name="string1">CN=SP2013.SP2013.LOCAL</Data>
        <Data Name="string2">9D3D48F8D7ED5AE4CB187BEB3319C3E65A36340C</Data>
        <Data Name="string3">SSL policy errors have been encountered.  Error code '0x2'.</Data>
      </EventData>
    </Event>
    I am deploying the app with non-system user. Is there any any limitation of using app installed event in
    app catalog or am i doing something wrong?

    Hi,
    The following blog for you to check:
    SharePoint 2013 Domain Certificate for Provider-Host App Development Environment
    http://rwcchen.blogspot.com/2013/12/sharepoint-2013-domain-certificate-for.html
    Or try to add the following line within <system.net> tag
    in your SharePoint site web.config:
    <settings>
    <servicePointManager
    checkCertificateName="false"
    checkCertificateRevocationList="false"/>
    </settings>
    Best Regards
    TechNet Community Support
    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact
    [email protected]
    Thanks for the reply but I already tried the solution. My app works fine when i deploy it without app install event receiver but when i add the event receiver i face the error. Is there any limitation of using app install event receivers?

  • Provider Hosted App - Exception Handling and Logging

    Hello,
    I would like to use file system to log the exceptions (The IIS server in which the APP is configured) for Provider Hosted App - Could anyone share some blogs/links related to that?
    Thanks in advance,

    Well the first time, I asked the question, I think I
    was not so clear. Please let me explain this in
    detail. I am not architect, so correct me if I am
    wrong.
    I want to use log4J but definitely want to avoid using
    them directly in our package, idea is to create
    wrappers around all the external API, jar we are
    using. At logging side I feel little comfortable.
    But having little difficulty in thinking and designing
    about Exception handling framework.
    1. My aim is to create a general framework in 3 broad
    categories (For Presentation tier, For Business tier,
    for Data Access tier)
    2. For each tier if you import those already created
    framework classes, all developers should be just able
    to use the methods of exception framework and use them
    in catch block and throw them.
    Example:- I would like to create a class called
    MyProjectExceptionDecider, which will decide the type
    of exception in Business Tier and then use my
    MyProjectExceptionErrorParser, which reads the XML
    document and gets a related message number and error
    message.
    This MyProjectExceptionErrorParser then passes the
    right exception to MyProjectExceptionDisplayer which
    will display the exception with right message and
    message number.
    And something more like this. I am not yet getting
    complete picture.
    3. So, if you have done something similar and if you
    have the class diagram and sequence diagram for such
    exception handling, I would be grateful if you are
    willing to share with me.
    Please let me know, if you have different ideas. I
    request you all to participate and throw your ideas
    and suggestions.
    Srikanthgenerally, wheather or not you are using log4j or anything else, when designing exception handling mechnism, you need to decide on where or by whom an exception will be handled, and if the exception needs to be displyed, and how it is displayed.

  • HTTPS SharePoint site with HTTPS Provider hosted app - The remote certificate is invalid according to the validation procedure

    We have SharePoint 2013 site configured with SSL and we have developed a provider hosted app which interacts with SharePoint list.
    If we try accessing the Provider hosted app from the SharePoint site with HTTP [http://mysharepointsite.com/] there are no any errors thrown.
    But whenever the same Provider hosted app is tried accessing from the same SharePoint site using https address
    [https://mysharepointsite.com/] we are getting below error:
    The remote certificate is invalid according to the validation procedure.
    Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
    Exception Details: System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.
    Source Error:
    An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
    Stack Trace:
    [AuthenticationException: The remote certificate is invalid according to the validation procedure.]
    System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, Exception exception) +2983172
    System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) +473
    System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) +86
    System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) +262
    System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) +473
    System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) +86
    System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) +262
    System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) +473
    System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) +86
    System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) +262
    System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) +473
    System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest) +8530566
    System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult) +230
    System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) +645
    System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) +9
    System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state) +87
    System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result) +1467
    System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size) +84
    System.Net.PooledStream.Write(Byte[] buffer, Int32 offset, Int32 size) +22
    System.Net.ConnectStream.WriteHeaders(Boolean async) +761
    [WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.]
    System.Net.HttpWebRequest.GetResponse() +8534156
    Microsoft.SharePoint.Client.SPWebRequestExecutor.Execute() +58
    Microsoft.SharePoint.Client.ClientRequest.ExecuteQueryToServer(ChunkStringBuilder sb) +975
    ProviderHostedHTTPSWeb.Default.Page_Load(Object sender, EventArgs e) +348
    System.Web.UI.Control.LoadRecursive() +71
    System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +3178
    We have already added the certificate used for the SharePoint site and the provider hosted app in the SharePoint central admin trusts.
    Any idea's how can I resolve this issue?

    Hi,
    According to your post, my understanding is that you failed to access provider host app using https.
    The reason for this is that SharePoint implements its own certificate validation policy to override .NET certificate validation.
    Fix is to setup a trust between SharePoint and the server requiring certificate validation.
    For more information, you can refer to:
    http://blogs.technet.com/b/sharepointdevelopersupport/archive/2013/06/13/could-not-establish-trust-relationship-for-ssl-tls-secure-channel.aspx
    Best Regards,
    Linda Li
    Linda Li
    TechNet Community Support

  • SharePoint Provider Hosted App: mixed content issue

    We have a provider hosted app that needs the SharePoint javascript and CSS files, so in our MVC view we added the following code:
    <script src="@Request.QueryString["SPHostUrl"]/_layouts/15/SP.RequestExecutor.js" type="text/javascript"></script><script src="@Request.QueryString["SPHostUrl"]/_layouts/15/sp.js" type="text/javascript"></script>
    The provider hosted app runs in HTTPS, our SharePoint environment in HTTP.
    The app wants to get those SharePoint javascript and CSS files, but blocked because you try to access files from HTTPS to HTTP.
    Example of the error in IE:
    SEC7111: HTTPS security is compromised by http://ap/project/blabla/_layouts/15/sp.ui.controls.js 
    Example of an error in Chrome:
    [blocked] The page at 'https://ap:2281/Appname/?SPHostUrl=…' was loaded over HTTPS, but ran insecure content from 'http://ap/project/blabla/_layouts/15/sp.ui.controls.js': this content should also be loaded over HTTPS.
    How can we solve this issue without setting our SharePoint environment also to HTTPS?

    Hi,
    We can use the following method to solve this issue.
    <%@ Page Language="C#" AutoEventWireup="true" CodeBehind="StyleConsumer.aspx.cs" Inherits="StylesheetAppWeb.StyleConsumer" %>
    <!DOCTYPE html>
    <html>
    <head>
    <title>App using stylesheet</title>
    </head>
    <body>
    <!-- The main page title -->
    <h1 class="ms-core-pageTitle">Stylesheet app</h1>
    <!-- Some subtitle -->
    <h1 class="ms-accentText">For people</h1>
    <!-- Subtitle comments -->
    <h2 class="ms-accentText">who care about the style in their apps</h2>
    <p></p>
    <div>
    <h2 class="ms-webpart-titleText">Get started with style in your app... </h2>
    <a class="ms-commandLink" href="#">some command</a>
    <br />
    This sample shows you how to use some of the classes defined in the SharePoint website's style sheet.
    </div>
    <!-- Script to load SharePoint resources
    and load the blank.html page in
    the invisible iframe
    -->
    <script type="text/javascript">
    "use strict";
    var appweburl;
    (function () {
    var ctag;
    // Get the URI decoded app web URL.
    appweburl =
    decodeURIComponent(
    getQueryStringParameter("SPAppWebUrl")
    // Get the ctag from the SPClientTag token.
    ctag =
    decodeURIComponent(
    getQueryStringParameter("SPClientTag")
    // The resource files are in a URL in the form:
    // web_url/_layouts/15/Resource.ashx
    var scriptbase = appweburl + "/_layouts/15/";
    // Dynamically create the invisible iframe.
    var blankiframe;
    var blankurl;
    var body;
    blankurl = appweburl + "/Pages/blank.html";
    blankiframe = document.createElement("iframe");
    blankiframe.setAttribute("src", blankurl);
    blankiframe.setAttribute("style", "display: none");
    body = document.getElementsByTagName("body");
    body[0].appendChild(blankiframe);
    // Dynamically create the link element.
    var dclink;
    var head;
    dclink = document.createElement("link");
    dclink.setAttribute("rel", "stylesheet");
    dclink.setAttribute("href", scriptbase + "defaultcss.ashx?ctag=" + ctag);
    head = document.getElementsByTagName("head");
    head[0].appendChild(dclink);
    // Function to retrieve a query string value.
    // For production purposes you may want to use
    // a library to handle the query string.
    function getQueryStringParameter(paramToRetrieve) {
    var params;
    var strParams;
    params = document.URL.split("?")[1].split("&");
    strParams = "";
    for (var i = 0; i < params.length; i = i + 1) {
    var singleParam = params[i].split("=");
    if (singleParam[0] == paramToRetrieve)
    return singleParam[1];
    </script>
    </body>
    </html>
    More information is here:
    http://msdn.microsoft.com/en-us/library/office/fp179898(v=office.15).aspx
    Other materials:
    http://sharepoint.stackexchange.com/questions/58731/how-do-i-inherit-the-css-theme-color-in-my-sharepoint-2013-app
    http://social.msdn.microsoft.com/Forums/en-US/7d1028fe-e8c6-4d48-8e69-30eef3757522/auto-hosted-app-client-webpart-server-side-code-is-not-working?forum=appsforsharepoint
    Best Regards
    Dennis Guo
    TechNet Community Support

  • Why do we need UPA for rehydrating users in Sharepoint provider hosted app scenario?

    Our on prem. SPS 2013 environment is configged to authenticate through ADFS against a third party IDP. We know nothing about these users, the returned SAML contains a role and based on this role we authorize user in SPS. This works great.
    No we are investigating high-trust provider hosted apps (on prem, no azure acs). We have created a simple MVC, and configged it to use ADFS. Now if users are authenticated from SPS they can call the MVC and the ADFS token is reused. Works perfect. Only thing
    is that whenever we need to call Sharepoint code through the client objectmodel, we get a 401 and the ULS shows that SPS is not able to map the incoming user to a user in User Profile DB. Off course it can't because the user is not in UPA and cannot be in
    UPA beacuse the users are stored outside our domain and there is no way to sync these to our SPS environment. I read a couple of blogs about this issue and the all say that we ned to sync with the user repository to fill upa; but again that cannot be (suppose
    on of our IDP's was facebook...?)
    The construction works if we use apponly security, but now we lose our SPS security. So my real question is, can we some how workaround User Profile service in the scenario, or at least without needing to sync these users.
    Any help/guidance is much appreciated!
    Sander

    Hi John,
    No we were not able to find a solution. The provider hosted app-model of SPS 2013 just does not take into account that in some cases useraccounts are not available. We could not find a way around user rehydration. Off course you can all ways use another
    security model like app-only policies, but that was not sufficient for us. It was also kind of disappointing there was no way to handle this; th emost problematic for me personal is that I cannot think of a reason why the rehydration can not be skipped in
    some way. If you configure it to run within SPS itself, rehydration is not necessary, so why it seams mandatory in provider hosted app beats me ;-)
    We went back to good old farm-solutions with webparts. 
    Sorry 
    Sander

  • Provider hosted App certificates (.cer & .pfx)

    I have a implemented a provider hosted App inside the SharePoint 2013 server (the certificates .cer & .pfx  taken from the IIS of same server) and able to get the result. However I am not clear about taking the certificates in the multi server
    environment (SharePoint Server & IIS server for remote web app).
    can anyone please suggest from which server (Sharepoint Server or IIS server)  do I need to take the .cer & .pfx files to configure multi server environment ?
    Thanks

    Hi,
    According to your post, my understanding is that you want to create a provider hosted app and use NLB in premise environment.
    You need to use a different certificate on this ‘Listener’ web application.
    Configuring SharePoint 2013 Apps and Multiple Web Applications on SSL with a
    Single IP Address
    For more information, you can refer to:
    Aspiring Architect: Sharepoint 2013 - Avoiding Azure on Dev Box
    More TroubleShooting Tips for High Trust Apps on SharePoint 2013
    You need to ensure that all connections to the SharePoint servers are secure and encrypted
    Best Regards,
    Linda Li
    Linda Li
    TechNet Community Support

  • How do i deal with 'security certificate' issues on my iPad2? I'm unable to answer the security questions that pop up when Im trying to download an app because the pop up does not load properly...

    Basically my Ipad2 stopped allowing me to go to sites such as Tumblr a little while ago. It wouldn't display the page properly because of 'security certificate' issues. This in itself would not have been such a problem, but when I went to the App store to try and download the Tumblr App, a pop up appeared asking me to answer some security questions before I could successfully install the App. However, the pop up would not display correctly because of 'security certificate' issues and as a result I can't download any apps from the App Store. Can anyone help with this??

    Well, I maged to delete some stuff, download the update...
    My Mac mail is still not ok. Still only displays today, yesterday and everything is the 16th of the month previous to this?
    All a bit strange to say the least any suggestons on how to resolve this.
    I now have a second issue in all my emails at the very top of each it describes in detail the full information of
              Delivered-To:  
              Received:  
              Received:  
              Received:  
              Received:  
              X-Received:  
              Return-Path:  
              Received-Spf:
              Authentication-Results:
              Content-Type:  
              Mime-Version:  
              X-Mailer:  
              X-Cloudmark-Analysis:  
    Surely this should not be displayed rather insecure I would think. Any suggestions on how to amend

  • Getting Client Context in Class Library for Sharepoint 2013 provider hosted app

    I have created an MVC Provider hosted app.
    From my controllers I can easily get the client context via:
    var spContext = SharePointContextProvider.Current.GetSharePointContext(HttpContext);
    But in my layout page, I have a call that gets the topnavbar and replicates it:
    @foreach (var nav in HostHelper.GetNav(this))
    <li class='static'>
    <a class='static menu-item ms-core-listMenu-item ms-displayInline ms-navedit-linkNode' href='@nav.Url'>
    <span class='addition-background ms-navedit flyoutArrow'>
                                                            <span class='menu-item-text'>
    @nav.Title                                                
    </span>                                                   </span>                                               
    </a>                                           
    </li>                                       
    This causes an error because I am not sure how to get the clientcontext from my class. I have tried:
    public static NavigationNodeCollection GetNav()       
    var spContext = SharePointContextProvider.Current.GetSharePointContext(System.Web.HttpContext.Current);
    using (var clientContext = spContext.CreateUserClientContextForSPHost())
    if (clientContext != null)
    NavigationNodeCollection topNav = clientContext.Web.Navigation.TopNavigationBar;            
    clientContext.Load(topNav);                   
    clientContext.ExecuteQuery();                   
    return topNav;                                       }           
    return null;       
    put it doesnt get the client context

    Hi,
    According to your description,  my understanding is that you want to get SharePoint provider hosted app ClientContext in the layout page.
    In the layout page, it needs to use TokenHelper Class to get access token and then retrieve the ClientContext.
    Here is a detailed article for your reference:
    How to Get SharePoint Client Context in SharePoint Apps (Provider Hosted / SharePoint Access ) in CSOM (Client Side Object Model)
    Thanks
    Best Regards
    TechNet Community Support
    Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact
    [email protected]

  • The remote server returned an error :(401) unauthorized in Provider hosted app deployment

    Hi,
    We are trying to deploy the provider hosted app in server environment . we are getting the "The remote server returned an error :(401) unauthorized" error after deploy the app in server.
    stack Trace:
    [webException:Te remote server returned an error:(401) UnAuthorized.]
    System.Net.HeepWebRequest.GetResponse().
    Followed the same MSDN steps , but sill same error. We have attached the certificate and using the same issuer ID in the app web.config.
    Verified the IIS setting and still getting the same error when we call the "Clientcontext.ExecuteQuery()" method.
    Same code is working fine in my Local dev environment.
    If anyone have idea about this issue, please let me know.
    Thank you,
    Mylsamy

    Hi ,Thank you for your response. We have tried all the options and everything is same (Client ID,Issuer ID...etc) and finally figured out the issue.The below link saved my day.http://msdn.microsoft.com/en-us/library/office/dn762439(v=office.15).aspxIn "TokenHelper.cs" GetRealmFromTargetUrl method always return null andWhen we analyze the issue we found some variable name assigned for "Realm" Instead of GUID in SP server.Power shell command to get the Realm in SP server:  Get-SPAuthenticationRealmWe have followed below article to generate the new GUID for realm.http://technet.microsoft.com/en-us/library/jj219756(v=office.15).aspx$c =Get-SPServiceContext -Site "http://<websiteurl>"Set-SPAuthenticationRealm -ServiceContext $c -Realm "a686d436-9f16-42db-09b7-cb578e110ccd".
    Thankyou,Mylsamy

  • SharePoint remote provider hosted apps - confusion around key questions

    For some time, I have been trying to get a provider hosted app setup to work, and I am afraid that I - as a relative novice - must have missed some key points despite hours of googling and reading. Here's my questions:
    A remote, provider hosted app, would have its AppWeb in a domain that is different from the host SharePoint Farm in which it is gets installed and used. In other words, the AppWeb may be located at remote.contoso-apps.com, where as the SharePoint farm uses
    for instance spslocal.mycorp.com. However, when you - in the SharePoint host farm - set up your App Domain/App isolation - you can only provide one value - which in this case would then need to be remote.contoso-apps.com??? Does that mean that each SharePoint
    Farm can only contain Apps from one vendor delivering remote apps? Or is the key in hard coding the app web in the manifest? (However, even if I've tried this it seems like the token SPAppWebUrl still translates into the pattern defined in the App Isolation
    Settings in the host farm???).
    Back to the AppWeb: Many bloggers have mentioned that you have to add some kind of SharePoint element to your App project (not the Web Project part) to get the AppWeb provisioned from Visual Studio 2013. But at what stage are these SharePoint elements actually
    provisioned - during some kind of publish operation of the Web Project part (the Pages, Scripts etc.) or when you install the app package (hardly the latter, since the first installation may be when a customer installs the app???). The reason I ask is (of
    course) that my SharePoint Elements do not seem to get provisioned. And just to test my very basic understanding: the AppWeb can be any pure IIS web site from the start - i.e., not a SharePoint Web App?
    Thanks for any help on these challenging issues!

    Paul,
    thanks for your effort, but unfortunately the answers do not get me much further.
    Question 1: You write "You can only use one domain, because cross-domain IFrame requests are blocked in SharePoint 2013". This is contrary to numerous other articles that explain how the SharePoint cross-domain library (SP.RequestExecutor.js) can be
    used to communicate across domains. From the outset, the whole idea about an AppWeb is - according to Microsoft documentation - that the AppWeb should be isolated from the HostWeb and therefore in a separate domain. 
    This article,
    http://msdn.microsoft.com/en-us/library/office/jj612823(v=office.15).aspx, even talks about scenarios where the SharePoint Host Web and App Web are in different security zones!
    So according to a load of other documentation it is indeeed a valid scenario I am addressing, but I still miss the key answers to the questions above. I suspect that the key is to hardcode certain URIs in your app that points to the cloud AppWeb
    (so the single App Domain specified in the Host Farm is not used at all), but I have failed to find the necessary documentation on this.
    Question 2: The article mentioned does not talk about the issues that I have asked about, specifically when the SharePoint elements in the App are created.
    Anyone with experience in this area? Thanks!

  • Error with Provider Hosted App on Edit Form of a list item

    We have an error on the Edit Form of one of our pages.
    We have developed a SharePoint Online Provider Hosted app which replaces the standard edit form of a list item and has some further events behind the save button. Since this is rather new territory for us, we're using a roundabout way of achieving this by
    using a script editor web part to display an iFrame of our app. That way we can pass the Url through to our app and retrieve query strings from them.
    Our issue comes quite intermittently in that we sometimes get a "web page cannot be found" error or sometimes a "resource cannot be found" error, however, when we load another app on the site (from the same app project, but using an app
    part), then go back to the Edit Form, the information in the iFrame suddenly renders.
    Any ideas on what might be causing this issue at all? Ideally, we should be rendering the app to the Edit Form is the proper manner, rather than scripting an iFrame that points to out app in Azure. Would this be the cause of the problem?
    Thanks
    Tom

    Hi thumper, if you have access to InfoPath, you can add the form to a page using the InfoPath web part. Otherwise, use SP Designer with instructions below:
    http://sharepoint.stackexchange.com/questions/70287/display-new-form-of-a-list-in-a-web-part-page
    cameron rautmann

  • Redirection error An error occurred while processing your request in provider-hosted app which is hosted in Windows Azure

    Hello,
    I developed one simple provider hosted app and I published it in my Azure website. I also published the SharePoint App of this solution in O365 site. I'm using Visual Studio 2013 Premium edition. I've followed all the steps to do this work e.g.
    generate the client ID and client secret through my O365 site and updated the AppManifest.xml as well as web.config etc. In my AppWeb project, I've TokenHelper.cs and SharePoint.cs classes.
    When I'm clicking the app from my O365 site, I get the following error "An error occurred while processing your request" which is due to the following code:
     protected void Page_PreInit(object sender, EventArgs e)
                Uri redirectUrl;
                switch (SharePointContextProvider.CheckRedirectionStatus(Context, out redirectUrl))
                    case RedirectionStatus.Ok:
                        return;
                    case RedirectionStatus.ShouldRedirect:
                        Response.Redirect(redirectUrl.AbsoluteUri, endResponse: true);
                        break;
                    case RedirectionStatus.CanNotRedirect:
                        Response.Write("An error occurred while processing your request.");
                        Response.End();
                        break;
    It's always executing the case RedirectionStatus.CanNotRedirect. Why?
    I've checked the method "CheckRedirectionStatus" of SharePointContext.cs class completely and I am not understanding why am I getting this error.
    When I browse my Azure website http://sitename.azurewebsites.net, even there I'm getting this error. I believe that error is because there is no query string parameter there e.g. SPHostURL etc.
    Please let me know why I'm having this redirection error.
    Thanks,
    Ashish

    Hi,
    For a better troubleshooting,
    I suggest you do as the following:
    Debug the code step by step to find the reason of the issue.
    For the remote debug your app from Windows Azure, you need to download Azure SDK:
    http://azure.microsoft.com/en-us/downloads/
    After installing the SDK, it will have “Attach Debugger” for Azure web site, you
    also need to set "Attach Debugger" to on in the Windows Azure Management Portal
    More detailed information about how to debug provider-hosted app:
    http://blogs.technet.com/b/speschka/archive/2013/11/25/debugging-sharepoint-apps-that-are-hosted-in-windows-azure-web-sites.aspx
    Best regards,
    ZhengyuGuo
    Forum Support
    Please remember to mark the replies as answers if they help and unmark them if
    they provide no help. If you have feedback for TechNet Subscriber Support, contact
    [email protected]
    Zhengyu Guo
    TechNet Community Support

  • Report Viewer control in sharepoint 2013 provider hosted app

    sharepointSite/_vti_bin/ReportServer
    We are migrating sp 2010 site to SP 2013 provider hosted app. we are using Report viewer control (version 10.0.0) in .net application app server, And the reporting service is configured in sharepoint site and report is uploaded in the document
    library. We are using claims based authentication
    ReportViewer1.ServerReport.ReportServerUrl =
    newUri("sharepointSite/_vti_bin/ReportServer");
    ReportViewer1.ServerReport.ReportPath = @"sharepointSite/_vti_bin/ReportServer?sharepointSite/Reports/Report1.rdl";
    and am getting an error
    ReportServerException: For more information about this error navigate to the report server on the local server machine, or enable remote errors]
    [ReportServerException: The user does not exist or is not unique.]
    [ReportServerException: Report Server has encountered a SharePoint error. (rsSharePointError)]
       Microsoft.Reporting.WebForms.ServerReportSoapProxy.OnSoapException(SoapException e) +82
       Microsoft.Reporting.WebForms.Internal.Soap.ReportingServices2005.Execution.ProxyMethodInvocation.Execute(RSExecutionConnection connection, ProxyMethod`1 initialMethod,
    ProxyMethod`1 retryMethod) +770
       Microsoft.Reporting.WebForms.ServerReport.EnsureExecutionSession() +105
       Microsoft.Reporting.WebForms.ServerReport.SetParameters(IEnumerable`1 parameters) +163
       BP.SDC.eXPP.UIAppsWeb.UserControls.Baseline.ProgressDashboard.RefreshDashboardReport(Int32 userRoadMapDisciplineId, String roadmapSection)
    System.Web.UI.Page.ProcessRequestMain(Boolean
    includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +3804
    Can you please help me to solve this issue

    Hi,
    According to your post, my understanding is that you had issues about the provider hosted app.
    Per the error, the issue may be related to the permission issue.
    For a better troubleshooting, we can check with the following steps.
    To norrow down the issue, please create a new and clean app to test whether it has the same issue.
    You can check the ULS log to see if anything unexpected occurred when you deploy the app and open the site page.
    For SharePoint 2013, by default, ULS log is at
    C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\LOGS
    You can check the ULS log by the methods here:
    http://blogs.msdn.com/b/opal/archive/2009/12/22/uls-viewer-for-sharepoint-2010-troubleshooting.aspx
    http://msdn.microsoft.com/en-us/library/gg193966(v=office.14).aspx
    Thanks,
    Jason
    Forum Support
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
    [email protected]
    Jason Guo
    TechNet Community Support

Maybe you are looking for

  • Problem with icons in the application bar (Photoshop CS4)

    My computer's OS is WinXP Pro SP3. I just now noticed a problem with all icons in the application bar in PS CS4 (v. 11.0.1). When I bring mouse over icons (except for zoom level icon), all icons turn into blank (white) boxes. For "Arrange Documents"

  • External Sound On External Monitor?

    Hi guys, need some help here So, what I'm trying to do is connect my macbook pro 13 inch to a samsung monitor( can be used as tv and monitor). So , it was easy to connect but what i really wanted is to play a game on my macbook and put a video to see

  • Hp envy 750xt 970gpu flickering monito rafter waking from hibernation

    When the computer wakes up from hibernation, the monitor image has horizontal lines flickering and the image can also go in and out blacking out. The horizontal lines travel up and down the monitor flickering.  

  • Error during installing Solution Manager at step 18 of 25 (import ABAP)

    During installing Solution Manager, I got following errors and can't compleate installing. ========================== ERROR 2007-02-15 11:05:22 CJS-30022  Program 'Migration Monitor' exits with error code 2. For details see log file(s) import_monitor

  • New Iphone charge?

    What is the best way to charge a new Iphone?