Schneider Electric Exchange Community

Discuss and solve problems in energy management and automation. Join conversations and share insights on products and solutions. Co-innovate and collaborate with a global network of peers.

Register Now
Learn about the Community. Join our Core Community to Get Started
Knowledge Base
cancel
Showing results for 
Search instead for 
Did you mean: 

"No connection to server" or long time waiting when logging on from Workstation using HTTPS

Issue

When trying to log on to an ES or AS using HTTPS, you get "No connection to server" or it takes a long time. Using HTTP it works fine.

Version 1.6.0 and below you get "No connection to server"

Version 1.6.1 and above you get in but it takes an extra 25 seconds compared to normal

Product Line

EcoStruxure Building Operation

Environment

  • Enterprise Server
  • Automation Server
  • Workstation

Cause

The most common reason for this is that the port used for HTTPS is changed in the Software Administrator, and not added in Workstation when logging on. For a solution to that, please check Workstation Log on failure due to unidentified port.

A more rare reason for this has been identified on sites with strict network policies or no connection to the internet. The reason this is happening is because an application using SSL or TLS (e.g. OpenSSL) is regularly checking for certificate revocation. That can normally only be done if the PC has internet connection. If the PC can't connect to Microsoft's server to get the newest list of revoked certificates, the application will appear to hang or fail to use SSL. For a deep explanation of certificate revocation check and the base of this article, read Citrix' article: Slow Web Interface\MMC console? CRL explained.

The issue can be confirmed using Fiddler. Here is an example on how to identify the issue.:

https connections explained.png

Another way to check it, is to enter the URL used to retrieve the list on the PC having the issue: http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab?baa88d4bbbfc3... When trying to access that URL from a PC having this issue, you should get "HTTP Error 502 Bad gateway".

Resolution

  1. Download the newest CRL updates from a PC with internet connection
  2. Copy the two files to the PC having the issue
  3. Open a command prompt and navigate to the folder where the files are located
  4. Install the CRL files using the following commands
    • CertUtil -AddStore CA CodeSignPCA.crl
    • CertUtil -AddStore CA CodeSignPCA2.crl
Tags (7)
Labels (1)
No ratings