Gravatar for josh.vohs@vml.com

Question by jvohs5, Dec 8, 2015 4:15 PM

An Error Occurred While Decrypting The SitecorePassword Configuration Element Value

I'm setting up Coveo for Sitecore on a CM instance in a remote setup (Sitecore and CES on separate servers). Installing the package (v1188) was successful and I was able to enter the configuration info at the end of the install. I then proceeded through this document to set up the instance for remote CES. I also logged into the Sitecore control panel and changed the Sitecore Password that Coveo uses.

After I was set up and verified all values looked correct in Coveo.SearchProvider.config, including encrypted keys for QueuePassword and SitecorePassword I enabled the Coveo.SearchProvder.config file, cycled IIS, and refreshed. I received the "Request is not available in this context" error message. The Coveo.Search.log file contains the output below.

I've tried updating both passwords through the control panel which updates the config file, but still shows the error below. I've also noticed the RijndaelEncryptionKeys file does not have it's modified timestamp updated after entering new passwords. Maybe I'm wrong in expecting it to update. I've tried deleting this file and updating the passwords, which works to an extent. The QueuePassword related errors in the log will go away when I do that.

I've also tried removing the configs entirely and reinstalling the CfS package. I should also add that this works correctly on my local machine (CES and Sitecore on same machine). Anything else I can try?

34792 13:27:16 Coveo.Framework.Configuration.CoveoIndexConfiguration.set_QueuePassword(:0) WARN  An error occurred while decrypting the QueuePassword configuration element value. The element value will be used as is assuming it is unencrypted. You can encrypt this password by using the Indexing Queue Connection Configuration wizard located at Control Panel > Coveo Search > Configuration.
Exception: System.Security.Cryptography.CryptographicException
Message: Length of the data to decrypt is invalid.
Source: mscorlib
   at System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount)
   at System.Security.Cryptography.CryptoStream.FlushFinalBlock()
   at System.Security.Cryptography.CryptoStream.Dispose(Boolean disposing)
   at System.IO.Stream.Close()
   at Coveo.Connectors.Utilities.Encryption.RijndaelEncrypter.DecryptData(Byte[] p_DataToDecrypt)
   at Coveo.Framework.Security.ConfigurationValueEncrypter.Decrypt(String p_EncryptedValue)
   at Coveo.Framework.Configuration.CoveoIndexConfiguration.set_QueuePassword(String value)

34792 13:27:16 Coveo.Framework.Configuration.CoveoIndexConfiguration.set_SitecorePassword(:0) WARN  An error occurred while decrypting the SitecorePassword configuration element value. The element value will be used as is assuming it is unencrypted. You can encrypt this password by using the Sitecore Credentials Configuration wizard located at Control Panel > Coveo Search > Configuration.
Exception: System.Security.Cryptography.CryptographicException
Message: Length of the data to decrypt is invalid.
Source: mscorlib
   at System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount)
   at System.Security.Cryptography.CryptoStream.FlushFinalBlock()
   at System.Security.Cryptography.CryptoStream.Dispose(Boolean disposing)
   at System.IO.Stream.Close()
   at Coveo.Connectors.Utilities.Encryption.RijndaelEncrypter.DecryptData(Byte[] p_DataToDecrypt)
   at Coveo.Framework.Security.ConfigurationValueEncrypter.Decrypt(String p_EncryptedValue)
   at Coveo.Framework.Configuration.CoveoIndexConfiguration.set_SitecorePassword(String value)

34792 13:27:16 Coveo.Framework.Configuration.CoveoIndexConfiguration.set_QueuePassword(:0) WARN  An error occurred while decrypting the QueuePassword configuration element value. The element value will be used as is assuming it is unencrypted. You can encrypt this password by using the Indexing Queue Connection Configuration wizard located at Control Panel > Coveo Search > Configuration.
Exception: System.Security.Cryptography.CryptographicException
Message: Length of the data to decrypt is invalid.
Source: mscorlib
   at System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount)
   at System.Security.Cryptography.CryptoStream.FlushFinalBlock()
   at System.Security.Cryptography.CryptoStream.Dispose(Boolean disposing)
   at System.IO.Stream.Close()
   at Coveo.Connectors.Utilities.Encryption.RijndaelEncrypter.DecryptData(Byte[] p_DataToDecrypt)
   at Coveo.Framework.Security.ConfigurationValueEncrypter.Decrypt(String p_EncryptedValue)
   at Coveo.Framework.Configuration.CoveoIndexConfiguration.set_QueuePassword(String value)

34792 13:27:16 Coveo.Framework.Configuration.CoveoIndexConfiguration.set_SitecorePassword(:0) WARN  An error occurred while decrypting the SitecorePassword configuration element value. The element value will be used as is assuming it is unencrypted. You can encrypt this password by using the Sitecore Credentials Configuration wizard located at Control Panel > Coveo Search > Configuration.
Exception: System.Security.Cryptography.CryptographicException
Message: Length of the data to decrypt is invalid.
Source: mscorlib
   at System.Security.Cryptography.RijndaelManagedTransform.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount)
   at System.Security.Cryptography.CryptoStream.FlushFinalBlock()
   at System.Security.Cryptography.CryptoStream.Dispose(Boolean disposing)
   at System.IO.Stream.Close()
   at Coveo.Connectors.Utilities.Encryption.RijndaelEncrypter.DecryptData(Byte[] p_DataToDecrypt)
   at Coveo.Framework.Security.ConfigurationValueEncrypter.Decrypt(String p_EncryptedValue)
   at Coveo.Framework.Configuration.CoveoIndexConfiguration.set_SitecorePassword(String value)

34792 13:27:17 Coveo.Framework.Configuration.CoveoIndexConfiguration.ValidateSitecoreCredentials(:0) WARN  Unable to validate the Sitecore credentials. You can disable this validation using the "SkipSitecoreLoginCheck" configuration element. But, be aware that wrong Sitecore credentials will prevent the permissions from being applied correctly on indexed documents.
Exception: System.Web.HttpException
Message: Request is not available in this context
Source: System.Web
   at System.Web.Profile.SqlProfileProvider.GetPropertyValuesFromDatabase(String userName, SettingsPropertyValueCollection svc)
   at System.Web.Profile.SqlProfileProvider.GetPropertyValues(SettingsContext sc, SettingsPropertyCollection properties)
   at System.Configuration.SettingsBase.GetPropertiesFromProvider(SettingsProvider provider)
   at System.Configuration.SettingsBase.SetPropertyValueByName(String propertyName, Object propertyValue)
   at System.Configuration.SettingsBase.set_Item(String propertyName, Object value)
   at System.Web.Profile.ProfileBase.SetInternal(String propertyName, Object value)
   at System.Web.Profile.ProfileBase.set_Item(String propertyName, Object value)
   at Sitecore.Data.DataProviders.NullRetryer.ExecuteNoResult(Action action, Action recover)
   at Sitecore.Security.UserProfile.SetPropertyValueCore(String propertyName, Object value)
   at Sitecore.Security.UserProfile.get_CustomProperties()
   at Sitecore.Security.UserProfile.GetCustomProperty(String propertyName)
   at Sitecore.Security.SecurityUtil.GetUserDigestCredentials(User user, Boolean withoutDomain)
   at Sitecore.Security.SecurityUtil.UpdateDigestCredentials(String username, String password)
   at Sitecore.Security.SitecoreMembershipProvider.ValidateUser(String username, String password)
   at Sitecore.Security.Authentication.AuthenticationHelper.ValidateUser(String userName, String password)
   at Sitecore.Security.Authentication.MembershipAuthenticationProvider.Login(String userName, String password, Boolean persistent)
   at Coveo.Framework.Configuration.CoveoIndexConfiguration.ValidateSitecoreCredentials()

34792 13:27:18 Coveo.Framework.Configuration.CoveoIndexConfiguration.ValidateSiteName(:0) WARN  Unable to validate the Sitecore website. You can disable this validation using the "SkipSiteNameValidation" configuration element. But, be aware that using an invalid site name will prevent the Coveo security provider from resolving permissions.
Exception: System.Web.HttpException
Message: Response is not available in this context.
Source: System.Web
   at System.Web.HttpContext.get_Response()
   at Sitecore.Security.Authentication.AuthenticationHelper.HandleAuthenticationError()
   at Sitecore.Security.Authentication.FormsAuthenticationHelper.GetCurrentUser()
   at Sitecore.Security.Authentication.AuthenticationHelper.GetActiveUser()
   at Sitecore.Security.AccessControl.ItemAccess.IsAllowed(Item item, AccessRight accessRight)
   at Sitecore.Data.Managers.ItemProvider.ApplySecurity(Item item, SecurityCheck securityCheck)
   at Sitecore.ContentTesting.Pipelines.ItemProvider.GetItem.GetItemUnderTestProcessor.Process(GetItemArgs args)
   at (Object , Object[] )
   at Sitecore.Pipelines.CorePipeline.Run(PipelineArgs args)
   at Sitecore.Data.Managers.PipelineBasedItemProvider.ExecuteAndReturnResult[TArgs,TResult](String pipelineName, String pipelineDomain, Func`1 pipelineArgsCreator, Func`1 fallbackResult)
   at Sitecore.Data.Managers.ItemManager.GetItem(String itemPath, Language language, Version version, Database database)
   at Sitecore.FXM.Matchers.DomainMatcherRepository.GetAllDomainMatchers(IDatabase database)
   at Sitecore.FXM.Sites.FxmSiteProvider.GetFxmSites()
   at Sitecore.FXM.Sites.FxmSiteProvider.get_FxmSites()
   at Sitecore.FXM.Sites.FxmSiteProvider.GetSites()
   at Sitecore.Sites.SitecoreSiteProvider.<GetSites>b__6(SiteProvider p)
   at System.Linq.Enumerable.<SelectManyIterator>d__14`2.MoveNext()
   at Sitecore.Sites.SiteCollection.AddRange(IEnumerable`1 sites)
   at Sitecore.Sites.SitecoreSiteProvider.GetSites()
   at Sitecore.Sites.SiteContextFactory.GetSites()
   at Sitecore.Sites.SiteContextFactory.GetSiteInfo(String name)
   at Sitecore.Sites.SiteContextFactory.GetSiteContext(String name)
   at Coveo.Framework.Sites.SiteContextFactoryWrapper.GetSiteContext(String p_SiteName)
   at Coveo.Framework.Configuration.CoveoIndexConfiguration.ValidateSiteName()

34792 13:27:18 Coveo.SearchProvider.ProviderIndexBase.Initialize(:0) ERROR An error while Initializing occurred
Exception: System.Web.HttpException
Message: Request is not available in this context
Source: System.Web
   at System.Web.HttpContext.get_Request()
   at Sitecore.Web.WebUtil.GetServerUrl(Boolean forcePort)
   at Coveo.Framework.Utils.UrlUtilities.GetServerUrl()
   at Coveo.SearchProvider.Documents.ItemLinkFactory..ctor(CoveoIndexConfiguration p_Configuration, IUrlUtilities p_UrlUtilities, ISiteContextFactory p_SiteContextFactory, IPipelineRunnerHandler p_PipelineRunnerHandler)
   at Coveo.SearchProvider.IndexOperations.Initialize(CoveoIndexConfiguration p_Configuration, IBinaryDataPropertiesWriter p_BinaryDataPropertiesWriter)
   at Coveo.SearchProvider.ProviderIndexBase.Initialize(IIndexDocumentPropertyMapper`1 p_DocumentTypeMapper)
2 Replies
Gravatar for sbelzile@coveo.com

Answer by Sébastien Belzile, Dec 9, 2015 10:02 AM

I have been able to reproduce your error.

I will have to fix this on our side. Here is a workaround.

Workaround: Add a slash ('/') to the end of your ServerUrl in your configuration: https://[instanceName]/.

Gravatar for josh.vohs@vml.com

Comment by jvohs5, Dec 9, 2015 10:27 AM

This resolved the "Request is not available in this context" error and the site now comes up!

It sounds like the sitecorepassword and queuepassword validation errors are expected behavior when using Solr, so I'll keep those suppressed by skipping validation.

Thanks for your help!

Gravatar for jflheureux@coveo.com

Answer by Jean-François L'Heureux, Dec 8, 2015 4:52 PM

Hello Josh,

First, the documentation you followed seems to be the January 2015 release documentation: https://developers.coveo.com/display/public/SC201501/Setting+Up+Coveo+for+Sitecore+in+a+Remote+Server+Configuration

The equivalent page in the December 2015 release documentation have one more step but it shouldn't be the cause of your problems: https://developers.coveo.com/display/SitecoreV3/Setting+Up+Coveo+for+Sitecore+in+a+Remote+Server+Configuration

The RijndaelEncryptionKeys file wont't change when you set a password from the Coveo configuration wizards. This file is created only once per Sitecore instance and used to encrypt/decrypt all the configuration-stored passwords for Coveo for Sitecore.

It is strange that you had the password related errors go away by having Coveo for Sitecore regenerate the RijndaelEncryptionKeys file and resetting the passwords from the Coveo configuration wizards. Maybe the configuration file contained line breaks or extra spaces for those XML elements values?

For the "Request is not available in this context" error message, it happens when the Coveo indexes are initializing. They validate some configuration elements. The Sitecore user and Sitecore site name validations seems to be failing in your case because the HTTP context Request and Response objects are not available.

  • Is it possible that there is other Sitecore modules or differences between your local setup and this remote setup?
  • Is it possible that the Sitecore application pool modes in IIS are different?

Thanks,

Jeff

Gravatar for josh.vohs@vml.com

Comment by jvohs5, Dec 8, 2015 5:20 PM

Strangely, when I deleted and had the RijndaelEncryptionKeys file recreated, resetting the Queue password through the control panel would remove the QueuePassword error from the log, but the "Unable to validate the Sitecore credentials" error has never gone away.

The Sitecore modules, etc, are the same between the two environments. The app pools are configured the same except for the identity used. I tried switch the identity but it didn't resolve the issue. I also turned off basic auth on the remote site, but didn't see any change.

It should be as simple as going through the control panel wizard to change the passwords, right? Or am I potentially missing a step?

Gravatar for jflheureux@coveo.com

Comment by Jean-François L'Heureux, Dec 8, 2015 5:48 PM

You're right. Changing the passwords is just a matter of using the Sitecore Control Panel > Coveo Search > Configuration wizards as explained in the documentation:

  • https://developers.coveo.com/display/SitecoreV3/Configuring+the+Coveo+for+Sitecore+Indexing+Queue+Connection
  • https://developers.coveo.com/display/SitecoreV3/Configuring+the+Sitecore+Credentials
Gravatar for jflheureux@coveo.com

Comment by Jean-François L'Heureux, Dec 8, 2015 5:50 PM

For your error, is it possible that you run Coveo side by side with Solr instead of Lucene? We have a known issue with Solr that is documented here: https://developers.coveo.com/display/SitecoreV3/%5BSolr%5D+Error+when+initializing+Coveo+when+side-by-side+with+Solr+is+enabled

Also, what's your Sitecore version (including major, minor and revision)?

Gravatar for josh.vohs@vml.com

Comment by jvohs5, Dec 8, 2015 6:02 PM

We do use Solr (4.6.0) instead of Lucene, both on my local and on the remote. I found this when I was searching intially, which prompted me to wait for the Dec 2015 release, which we are now on.

Sitecore 8.0 u5 (rev. 150812)

Gravatar for jflheureux@coveo.com

Comment by Jean-François L'Heureux, Dec 8, 2015 6:18 PM

I think this error will always be thrown when using Solr and Coveo together. There's no fix for that but only a workaround possible since the December 2015 release of Coveo for Sitecore with the introduction of the <SkipSiteNameValidation> configuration element.

Did you configure your Coveo.SearchProvider.config file the way it is mentioned in the known issue article?

Since December 2015: Set the flag SkipSiteNameValidation in the configuration.

<configuration xmlns:patch="http://www.sitecore.net/xmlconfig/">
  <sitecore>
    <coveo>
      <defaultIndexConfiguration type="Coveo.Framework.Configuration.CoveoIndexConfiguration, Coveo.Framework">
        <SkipSiteNameValidation>true</SkipSiteNameValidation>
      </defaultIndexConfiguration>
    </coveo>
  </sitecore>
</configuration>
Gravatar for josh.vohs@vml.com

Comment by jvohs5, Dec 8, 2015 6:47 PM

I did add SkipSiteNameValidation and even SkipSitecoreLoginCheck. The error log is now trimmed down to the following:

42672 17:43:36 Coveo.Framework.Configuration.CoveoIndexConfiguration.Validate(:0) INFO  Validation of the Sitecore authentication process is disabled. Skipping Sitecore credentials check.
42672 17:43:36 Coveo.Framework.Configuration.CoveoIndexConfiguration.ValidateSiteName(:0) INFO  Validation of the Site name is disabled. Skipping Site name validation.
42672 17:43:36 Coveo.SearchProvider.ProviderIndexBase.Initialize(:0) ERROR An error while Initializing occurred
Exception: System.Web.HttpException
Message: Request is not available in this context
Source: System.Web
   at System.Web.HttpContext.get_Request()
   at Sitecore.Web.WebUtil.GetServerUrl(Boolean forcePort)
   at Coveo.Framework.Utils.UrlUtilities.GetServerUrl()
   at Coveo.SearchProvider.Documents.ItemLinkFactory..ctor(CoveoIndexConfiguration p_Configuration, IUrlUtilities p_UrlUtilities, ISiteContextFactory p_SiteContextFactory, IPipelineRunnerHandler p_PipelineRunnerHandler)
   at Coveo.SearchProvider.IndexOperations.Initialize(CoveoIndexConfiguration p_Configuration, IBinaryDataPropertiesWriter p_BinaryDataPropertiesWriter)
   at Coveo.SearchProvider.ProviderIndexBase.Initialize(IIndexDocumentPropertyMapper`1 p_DocumentTypeMapper)
Ask a question