The Ektron Windows Service for versions 9.3 and higher have made a switch to a secured connection by default. This change will lead to issues when older sites are on a CMS server that is running 9.3 or higher by default.
If there are issues syncing between two 9.3 sites there might be something within the network blocking communications in which case the following error occurs in the sync status window.
Object reference not set to an instance of an object.
This issue could also manifest itself as the following.
Running Pre-Initialization Tasks
Or
System.ServiceModel.CommunicationObjectFaultedException: The communication object, System.ServiceModel.Channels.ServiceChannel, cannot be used for communication because it is in the Faulted state.
The object reference error could also be due to esync certificates expiring if on an earlier version that 9.3 SP1.
eSync security certificates expiring 1/1/2019
To get older versions of Ektron to sync between servers running 9.3 or higher the EnableNonSSLEndpoints field in the Ektron Windows Service(EWS) config file should be set to true.
EWS config path
<Drive>:\\Program Files (x86)\Ektron\EktronWindowsService40Ektron.ASM.EktronServices40.exe.config
<add key="EnableNonSSLEndpoints" value="true" />
Once changed stop and start the Ektron Windows Service and confirm that the service is shown as started in the event viewer. This will revert the sync to the pre-9.3 configurations, and will need to be implemented on all environments involved in a sync relationship.
If syncs between 9.3 sites are having trouble syncing there might be network settings that are blocking the communications. Setting the EnableNonSSLEndpoints to true as shown above can determine if the changes in sync standards are impacting the connection. If there is a change in behavior after switching this setting we recommend reviewing the network configuration and checking firewall logs for possible culprits.
Bug Fix
Upgrading to Ektron version 9.3 SP2 Service CU02 resolves the Object reference error and allows you to set EnableNonSSLEndpoints to false thereby allowing secure communication between syncing servers. Upgrading to 9.4 or higher should resolve this as well. With both the 9.3 and 9.4 fixes you must run the security configurator again with the discard option(as seen below).
Security Configurator Steps
- Run SecurityConfigurator.exe as an administrator from the following folder:
- C:\Program Files (x86)\Ektron\CMS400v9x\Utilities\SecurityConfig\SecurityConfigurator
- Enable Discard Existing Keys and click Generate.
- If there are multiple syncing web servers you will to do this on all of them, exchange the certs between servers(certs located in the same securityconfigurator folder), and use the apply remote certificates option to point at the remote files.
See the Ektron documentation for more details on certificate generation.
https://webhelp.episerver.com/Ektron/documentation/documentation/wwwroot/
Please sign in to leave a comment.