Mid-server not able to connect to instance - WS-Security header error
ServiceNow offers the capability of enabling WS-Security header verification for all incoming SOAP requests. It is commonly used by administrators who want to:
- verify that the sender of a SOAP message is trusted
- ensure that SOAP messages have not been altered after they are sent
MIDServer WARNING *** WARNING *** Method failed: (https://instancename.service-now.com/ecc_agent.do?SOAP&displayvalue=all&redirectSupported=true)HTTP/1.1 500 Internal Server Error with code: 500
MIDServer SEVERE *** ERROR *** getRecords failed (An error was discovered processing the WS-Security header No certificate(s) found in WS-Security profile)
StartupSequencer WARNING *** WARNING *** SOAP server error reported by ServiceNow instance, user 'Your-MID-Account' may be missing the 'soap_script' role
The MID Server service might show that it is running correctly and you are able to restart the service. However, the instance does not acknowledge the connection and shows a status of down.
Administrators might forget that the MID Server user is also considered a service account. Therefore, it must also be excluded from the WSS security settings by making it an Internal Integration User. To do so, please follow these steps:
- Navigate to User Administration > Users and locate the MID Server user
- Select the MID server user and right click on the header to personalize the form.
- Add the Internal Integration User field from the left slushbucket.
- Reload the form.
- Select the Internal Integration User option.
- Update the user record.
Ensure that the MID Server user is configured correctly in compliance with the newly added security setting. The error messages should be resolved.