cancel
Showing results for 
Search instead for 
Did you mean: 

Blue Prism Load Balancer Connection Error

SiddheshwarKore
Level 3
Hi All,

I am getting following error while connecting to app-server from runtime resource :

Could not connect to https:<someservername:8199>/bpserver. This could be due to the fact that the server certificate is not configured properly with HTTP.SYS in the HTTPS case. This could also be caused by a mismatch of the security binding between the client and the server

Configuration Details:
  • BPv7.0
  • Two Load Balanced App servers
  • WCF: Transport Encryption
  • Load Balancer set to use SSL Passthrough
  • Same SSL cert applied on two app servers
  • Same configuration in both app server (Encryption schema etc. except binding address which is FQDN of each app server)
  • CN of SSL cert: bluprismprd.somecompany.com
  • FQDN of Load Balancer: bluprismprd.wip.somecompany.com
  • Runtime Resource is configured to connect to Load Balancer VIP FQDN (bluprismprd.wip.somecompany.com:8199)
Please note that if i configure the RR to directly connect to app server without load balancer (appserver1.somecompany.com), then it works fine

------------------------------
Siddheshwar Kore
------------------------------
5 REPLIES 5

JerinJose
Level 10
Hi Siddeshwar,

Please try with End to End SSL on load balancer (you should install the same certificate that of the application servers in LB as well) and Runtime Resources must be configured using /sslcert flag along with the thumbprint of the specific SSL cert which must be deployed locally on the runtime resource. The certificate should be deployed to the machine certificate store, not a specific users store.

------------------------------
Jerin Jose
Technical Product Owner
EY
Asia/Kolkata
*"If you find this post helpful mark it as best answer, .*
------------------------------

RyanAndrews
Staff
Staff
Hi Siddheshwar,

Looking at your configuration, the common name (CN) on the certificate (bluprismprd.somecompany.com) does not match the FQDN of the Load balancers VIP (bluprismprd.wip.somecompany.com). Please reissue the certificate with either the CN or a Subject Alternate Name configured as bluprismprd.wip.somecompany.com, then reapply to the BP server configurations on each of your application servers.

------------------------------
Ryan Andrews
Platform Consultant
Blue Prism
Australia/Brisbane
------------------------------

Hi Ryan, thanks a lot. Even I was suspecting this could be a problem so I added a DNS entry which would resolve the blueprismprd.somecomapny.com. to blueprismprd.wip.somecomapny.com. However the issue persists.

------------------------------
Siddheshwar Kore
------------------------------

@RyanAndrews
Hi Ryan,

After making some changes in configuration, now the error message has disappeared. now I am getting following error:
Increase the timeout value passed to the call to request or increase the sendtimeout value on the binding​

May I check how can change the timeout value in Blue Prism Config? Is it even posssible? in LB timeout is set to 60s persistence to 15 mins so LB should not be an issue I believe

------------------------------
Siddheshwar Kore
------------------------------

@SiddheshwarKore ,

Im facing the same issue as you reported here.

Could you please let me know the steps which performed to resolve the issue.

 

Regards,

Sheela