Notifications

527 views

Description


This article describes how to handle a situation where the MID Server is down or cannot connect to instance during installation. The following error occurs in the MID Server logs:

2/25/18 16:47:35 (126) StartupSequencer SEVERE *** ERROR *** SOAP Response: Status code=500, Response body=wsse:InvalidSecurity An error was discovered processing the WS-Security header No certificate(s) found in WS-Security profile
02/25/18 16:47:35 (126) StartupSequencer WARNING *** WARNING *** SOAP server error reported by ServiceNow instance, user 'midserver' may be missing the 'soap_script' role
02/25/18 16:47:35 (126) StartupSequencer SEVERE *** ERROR *** test failure 

Solution/Workaround


The error "An error was discovered processing the WS-Security header No certificate(s) found in WS-Security profile" can be due to WS-Security verification configuration in the instance. When WS-Security is enabled, authentication is required for all SOAP requests including internal integration communications such as the MID Server, ODBC Driver, Remote Update Sets, and high availability cloning. SOAP requests for these internal integration communications cannot implement WS-Security due to technical implications. If your instance uses these SOAP interfaces, you can allow them to bypass the WS-Security authentication requirement by marking their user accounts as internal integration users.

  1. Confirm that WS-Security is set up.

    1. Navigate to System Web Services > Properties
    2. Verify that Require WS-Security header verification for all incoming SOAP requests is checked.
  2. Mark the MID server user as an internal integration user.

    1. Navigate to User Administration > Users.
    2. Select the user account for the MID Server or ODBC Driver.
    3. Configure the form to add the Internal Integration User field, or edit through a list.
    4. Select the Internal Integration User checkbox.
    5. Click Update.

Note – If the user record update is aborted before the steps to mark the MID Server user as an internal integration user complete, two business rules might be blocking users with the mid_server role from having the "internal integration user" option selected. These business rules are:

  • Incompatible MID Server user role (sys_id = 64923f4bc713220003fa9c569b9763e6)
  • User settings incompatible with MID (sys_id = c006104c723220003fa9c569b9763c5)

In this situation, deactivate these business rules and then activate them again. To find the business rules:

  1. Navigate to System Definition > Business Rules.
  2. Search by the sys_id or name.

For more information, see KB0661756, "MID Server "Down" troubleshooting"

 

 

Article Information

Last Updated:2018-03-06 20:13:07
Published:2018-03-07