Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Client is unable to finish the security negotiation within the configured timeout

GyulaEgyed
Level 3

‎11-11-20 08:16 AM

Hi!

I have the following problem on one of our VM Desktops. When we use Login process sometimes the Blue Prism Listener throws the below error:

Client is unable to finish the security negotiation within the configured timeout (00:00:00). The current negotiation leg is 1 (00:00:00)

I checked the below link trying to resolve the problem but we don't use Proxy settings so this should not be the problem:

Support Center | Blue Prism Portal

What is strange that after we restart the machine there is a high chance that the listener will start without any problem.

Anybody has an idea what should be checked in our system?

Kind regards,
Gyula



------------------------------
Gyula Egyed
------------------------------
0 Likes
7 REPLIES 7

hossein.azimi
Staff
Staff

‎15-11-20 11:24 PM

Hi Gyula,

This issue can occur because when you start the program using BPServer.exe, it is starting as the user that is currently logged onto the server, and not as the system account.  However, the Access Control List (ACL) has been set to the SYSTEM account.

To solve the issue

Start the Blue Prism Server as a service and not through BPServer.exe.

 



------------------------------
Hossein Azimi
Customer Support Engineer, APAC
Blue Prism
Sydney NSW
------------------------------
0 Likes

JerinJose
Level 10

‎16-11-20 06:58 AM

Hi Gyula,

Are you using WCF Transport encryption as the BP server connection type? if you are using transport encryption you need to associate certificate thumbprint in the resource pc startup script for establishing end to end secure connection. also if you have a Layer 4 load balancer placed in front of your application server. ensure you have the same cypher suites available in TLS1.2 registry settings.

Also change the logon type of the Blueprism server service of your connection and update it with the Service account of your application server.

------------------------------
Jerin Jose
RPA Product SME
EY
Asia/Kolkata
*"If you find this post helpful, please press the "Recommend" Button.*
------------------------------
0 Likes

GyulaEgyed
Level 3
In response to JerinJose

‎18-11-20 04:06 PM

Hi Jerin Jose,

Thanks for the reply! We are using WCF: SOAP with Message Encryption & Windows Authentication as a connection type.

Kind regards,
Gyula

------------------------------
Gyula Egyed
------------------------------
0 Likes

GyulaEgyed
Level 3
In response to JerinJose

‎18-11-20 04:14 PM

Hi Hossein,

Thanks for the reply! We start Blue Prism server from a .bat file which starts two services. E.g.
sc start "Blue Prism Server:Default"
sc start "Blue Prism Server:RPA_UAT" "RPA-UAT"

Kind regards,

Gyula



------------------------------
Gyula Egyed
------------------------------
0 Likes

diljithkp
Level 2

‎19-04-22 01:31 PM

Hi,
Please check the PROXY first before going to any other changes, hope this will help you.

------------------------------
Diljith kp
IT consultant
Exponential Digital solutions
Asia/Kolkata
------------------------------
0 Likes

ChristopherNgo
Level 2

‎16-12-22 02:54 AM

Hi Gyula,

Did you manage to resolve your issue? (noted that it's been a while since you posted)
We are encountering similar issues with intermittent incidents with the same error.
We use automatic proxy setup so can't add exception rule to our server address.
We also have our Blue Prism Server started as a service.
Our version of BP is v6.7.2.



------------------------------
Christopher Ngo
Senior Solutions Architect
Westpac
Australia/Sydney
------------------------------
0 Likes

Thiagorossharma
Level 3
In response to JerinJose

‎28-01-24 11:26 AM

Your message indicates a detailed and technical approach to ensuring a secure connection, specifically with WCF Transport encryption. The mention of associating certificate thumbprint in the resource PC startup script demonstrates a careful consideration of security measures. Additionally, addressing the importance of having consistent cipher suites in TLS 1.2 registry settings, especially when using a Layer 4 load balancer, highlights a comprehensive approach to securing end-to-end connections. This level of attention to encryption and load balancing practices is commendable for maintaining a robust and secure system.Fm Whatsapp Apk



------------------------------
Thiagoros sharma
------------------------------
0 Likes
Top