Benjamin Toelle Posted March 10, 2016 Share Posted March 10, 2016 After upgrade SF 2.6 to 3.5 all upgraded stores are working great but when i try to access a new created store i get "Cannot complete your Request". Event 17: Failed to run discovery Citrix.Web.DeliveryServicesProxy.ConfigLoader.DiscoveryServiceException, ReceiverWebConfigLoader, Version=3.5.0.0, Culture=neutral, PublicKeyToken=null An error occurred while contacting the Discovery Service at Citrix.Web.DeliveryServicesProxy.ConfigLoader.Discovery.AppendConfigurationFromDiscoveryService(WebReceiverConfigSection section) at Citrix.Web.DeliveryServicesProxy.ConfigLoader.Discovery.RunDiscovery(WebReceiverConfigSection configSection) at Citrix.Web.Proxy.Filters.DiscoveryComplete.OnAuthorization(AuthorizationContext filterContext) System.Net.WebException, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. Url: https://127.0.0.1/Citrix/Store/discovery ExceptionStatus: TrustFailure at System.Net.HttpWebRequest.GetResponse() at Citrix.DeliveryServicesClients.Utilities.HttpHelpers.ReceiveResponse(HttpWebRequest req) at Citrix.DeliveryServicesClients.Utilities.HttpHelpers.ReceiveResponse(String url, String token, HttpRequestParameters options, Object requestData, CookieContainer cookieContainer, Boolean overrideLoopback) at Citrix.DeliveryServicesClients.Discovery.RequestHandler.DiscoveryHttpRequestHandler.GetDocument(String url) at Citrix.DeliveryServicesClients.Discovery.DiscoveryClient.GetDocument(String url) at Citrix.Web.DeliveryServicesProxy.ConfigLoader.Discovery.AppendConfigurationFromDiscoveryService(WebReceiverConfigSection section) System.Security.Authentication.AuthenticationException, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 The remote certificate is invalid according to the validation procedure. at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, Exception exception) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult) at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state) at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result) at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size) at System.Net.ConnectStream.WriteHeaders(Boolean async) Event 3 An error occurred during authentication. System.NullReferenceException, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 Object reference not set to an instance of an object. AuthenticationControllerRequestUrl: https://LB-FQDN/Citrix/StoreWeb/CitrixAuth/Login at Citrix.Web.AuthControllers.Controllers.AuthBaseController.EnumerateProtocolChoices(CitrixAuthChallenge challenge) at Citrix.Web.AuthControllers.Controllers.FederatedAuthBaseController.Login(IClaimsPrincipal claimsPrincipal) Event 6 An error occurred while trying to list the authentication protocols supported on the Receiver StoreFront authentication server using the given challenge. System.NullReferenceException, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 Object reference not set to an instance of an object. at Citrix.Web.AuthControllers.Controllers.AuthBaseController.EnumerateProtocolChoices(CitrixAuthChallenge challenge) Link to comment Share on other sites More sharing options...
CarlStalhood Posted March 10, 2016 Share Posted March 10, 2016 Go to Store > Manage Receiver for Web > Configure > Advanced Settings and change loopback to OnUsingHttp. 9 Link to comment Share on other sites More sharing options...
Benjamin Toelle Posted March 10, 2016 Author Share Posted March 10, 2016 perfect. thanks Link to comment Share on other sites More sharing options...
Tobias Knolmar Posted May 10, 2016 Share Posted May 10, 2016 thank you so much for this Link to comment Share on other sites More sharing options...
David Ross1709151782 Posted October 7, 2016 Share Posted October 7, 2016 Excellent... Thanks Carl as always a great source of info. Just to add My issue was related to a fresh Storefront 3.6 install not an upgrade. It was only after I decided to copy and paste the whole log from my storefront server I got a hit on google. :D There's hope for my IT career yet. Link to comment Share on other sites More sharing options...
Marco Zimmermann Posted October 11, 2016 Share Posted October 11, 2016 Is anybody out there who can explain why SF makes this callback to https://localhost? And not to https://baseURL or https://fqdn ? Link to comment Share on other sites More sharing options...
CarlStalhood Posted October 11, 2016 Share Posted October 11, 2016 Loopback is set to On. You can also change it to OnUsingHttp. http://www.carlstalhood.com/storefront-3-5-basic-configuration/#baseurl Link to comment Share on other sites More sharing options...
Marco Zimmermann Posted October 11, 2016 Share Posted October 11, 2016 Yeah I know that, but I got a valid certificate on my Storefront and try to understand why he is not making a loopback call to https://fqdn (that would succeed without a trust relationship error). Link to comment Share on other sites More sharing options...
CarlStalhood Posted October 11, 2016 Share Posted October 11, 2016 Turn off loopback. Then edit your HOSTS file to point the Base URL to 127.0.0.1. This is the older way of doing it. 1 Link to comment Share on other sites More sharing options...
Jerry Ammann Posted November 10, 2016 Share Posted November 10, 2016 You should be able to use https, I have it working in my environment. In fact the OnUsingHttp doesn't work for me because I have unbound http on the default Website for security. You SF server certs will need the LB FQDN as a SAN in the certs on your SF servers. Link to comment Share on other sites More sharing options...
Davide Schiavoni Posted May 19, 2017 Share Posted May 19, 2017 Worked for me!! Thank you Carl!!! :) :) :) :) Link to comment Share on other sites More sharing options...
Ginsmon Joseph Posted June 12, 2017 Share Posted June 12, 2017 Thanks Carl Stalhood since Go to Store > Manage Receiver for Web > Configure > Advanced Settings and change loopback to OnUsingHttp resolved my issue Link to comment Share on other sites More sharing options...
Henrry Ortiz Posted August 1, 2017 Share Posted August 1, 2017 Thanks it works. Link to comment Share on other sites More sharing options...
Ainars Klavins Posted November 16, 2017 Share Posted November 16, 2017 Carl, I can't thank you enough! :-) You've saved so much of my time and efforts so many times with your website and Citrix posts.. I sometimes log calls with Citrix Tech support and even they reference your website as a first point of contact for any Citrix issues or configuration steps.. Thank you again and keep up the amazing work! :) AK Link to comment Share on other sites More sharing options...
Gustavo Henrique Pereira Posted July 17, 2018 Share Posted July 17, 2018 I turned the loopback off and it worked Link to comment Share on other sites More sharing options...
Nagesh Malashetru1709162755 Posted May 27, 2021 Share Posted May 27, 2021 Having similar issue on my estate: With SHA2 CERT CV2 there is no issue however when renewed CERT with sha384RSA CV3 algorithm and changing the option OnUsingHttp on SF working for me, but i would like to know how to fix the issue without changing setting in SF ?? If any one knw it much appreciated. Note: I cannot generate new CERT with SHA2 in my estate where CA has been recently configured with CV3 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now