Follow

Problem: Post CSR failed with error: This request operation sent to net.pipe://localhost/XXXXXXXX did not receive a reply within the configured timeout

Applies to

All versions of TPP

Microsoft Certificate Services hosting servers.

Summary

Attempts to renew a certificate fail. Checking the CA and attempting to retrieve a list of the templates fails. The message on the top of the screen reads something like this:

Post CSR failed with error: This request operation sent to net.pipe://localhost/XXXXXXXX 
did not receive a reply within the configured timeout (00:02:00). The time allotted to
this operation may have been a portion of a longer timeout. 

This will generally take about 2 minutes to return, as indicated by the "configured Timeout" message.

More Information

This is usually an indication of some level of failure on the CA. Normally, we've seen this message on Microsoft Certificate Services servers. Unfortunately, root cause has not been determined.

The message itself is a generic Windows Communication Foundation (WCF) framework error. Literally, it means something failed and we timed out, so it doesn't actually point to a fail point.

More Information about WCF

In some cases, the Certificate Services may actually be able to answer certificate requests from other sources who make their requests without WCF for instance.

Restarting the services on the TPP server or the Certificate server does not resolve the issue, as it appears to be a problem at a much lower layer.

One customer had an issue where the Certificate server was waiting for a response from the HSM, but this is a red-herring and the HSM was actually fine.

Resolution

So far, in every case we've had, we've been forced to actually reboot the Microsoft server hosting the Certificate Services. This has resolved the issue every time once the server actually comes up and, if necessary, reconnects to the HSM.

 

Was this article helpful?
0 out of 0 found this helpful

Comments