Call to HttpSendRequestSync failed for port 443 with status code 500

Question

Call to HttpSendRequestSync failed for port 443 with status code 500

SergiEE 140

Hi to all, I check my site system status and i saw a Distribution Point with red flag. In the messages i can see this one: Gravedad Tipo Código de sitio Fecha y hora Sistema Componente Id. de mensaje Descripción Error Hito XXX 14/04/2023 11:53:11 XXXXX.XXX.XXXX SMS_MP_CONTROL_MANAGER 5491 El Administrador de control del punto de administración detectó que el servicio de usuario no responde a las solicitudes HTTP. El error de HTTP es 500. Posible causa: el servicio de IIS no responde. Solución: reinicie manualmente el servicio W3SVC.
I restarted the service and it doesn't work. I check it the MPControl log and i can see the following error: Call to HttpSendRequestSync failed for port 443 with status code 500, text: Internal Server Error SMS_MP_CONTROL_MANAGER 14/04/2023 13:58:12 7768 (0x1E58) Http test request failed, status code is 500, 'Internal Server Error'. SMS_MP_CONTROL_MANAGER 14/04/2023 13:58:12 7768 (0x1E58) I have no errors in inetpub (IIS log) all with 200. When i try to check mplist URL i get 403.7 error so i can't trouble this.. I don't know what more can i do.. TIA!!

Sam Wu-MSFT 7,561 Reputation points Microsoft External Staff

2023-04-17T06:55:13.4566667+00:00

@SergiEE Please convert your error message to English, I suggest you use the failed request tracking to view detailed error information, this will generate detail log file, which will help you to identify the problem.
SergiEE 140 Reputation points

2023-04-17T11:36:22.41+00:00

Sam Wu-MSFT thanks for the answer. I can translate the message: MP Control Manager detected User Service is not responding to HTTP requests.. The http error is 500. Possible cause: IIS service is not responding.
Solution: Manually restart the W3SVC service on the MP. I'm checking the state of SMS__MP___CONTROL__MANAGER and some times works fine and 20 minutes later return the error..
Sam Wu-MSFT 7,561 Reputation points Microsoft External Staff

2023-04-18T10:05:36.29+00:00

@SergiEE Please check if your Frt log is correct, the status code of your error message is 500, but the result you get using frt is 403.7.
SergiEE 140 Reputation points

2023-04-18T16:28:56.39+00:00

Hii! Ok i add the client certificate to personal store and now my request to MP is working correctly:

Im getting the same error in mpcontrol: Call to HttpSendRequestSync failed for port 443 with status code 500, text: Internal Server Error SMS_MP_CONTROL_MANAGER 18/04/2023 18:23:40 5344 (0x14E0) Http test request failed, status code is 500, 'Internal Server Error'. SMS_MP_CONTROL_MANAGER 18/04/2023 18:23:40 5344 (0x14E0) I don't know what more can i try... Regards
Sam Wu-MSFT 7,561 Reputation points Microsoft External Staff

2023-04-19T07:57:39.3666667+00:00

@SergiEE These messages cannot reproduce your problem, you still need use the failed request tracking to to see details about 500 error.
SergiEE 140 Reputation points

2023-04-19T11:18:32.96+00:00

@Sam Wu-MSFT i think this is the correct error:

Thanks!!
SergiEE 140 Reputation points

2023-04-20T07:05:45.0066667+00:00

Morning! After delete the duplicated key in webconf, i get different error in IIS but the same at SCCM:
Sam Wu-MSFT 7,561 Reputation points Microsoft External Staff

2023-04-20T07:56:02.63+00:00

@SergiEE It seems that the issue caused by ceritificate on server. Please refer to this thread to check the certificate on server. Then delete the unnecessary certificates.
SergiEE 140 Reputation points

2023-04-21T07:10:36.94+00:00

@Sam Wu-MSFT Morning! I have executed the commands few days ago and I don't know if the output it's correct or not, but it doesn't return nothing. I don't know how more can I or what I should do. In inetpub log I can see this following error: 2023-04-20 21:59:56 10.71.75.44 BITS_POST /CCM_INCOMING/{8A34539E-1324-4250-8878-DD558B8D016E} (bits_error:{236F3846-8EFD-4B5B-B8DB-359E91B6C03F},500,0x8020001F) 443 - 10.71.73.184 Microsoft+BITS/7.8 - 500 0 0 1786 0 TIA!
Sam Wu-MSFT 7,561 Reputation points Microsoft External Staff

2023-04-21T09:34:27.02+00:00

@SergiEE It is difficult to reproduce your problem, I suggest you open a case via: https://support.microsoft.com.
SergiEE 140 Reputation points

2023-04-21T11:03:01.7566667+00:00

I have the case opened :( Thanks for all and I write the solution when we finish. Regards,

3 answers

Your answer

Sam Wu-MSFT 7,561 Reputation points Microsoft External Staff

2023-04-17T06:55:13.4566667+00:00

@SergiEE Please convert your error message to English, I suggest you use the failed request tracking to view detailed error information, this will generate detail log file, which will help you to identify the problem.
SergiEE 140 Reputation points

2023-04-17T11:36:22.41+00:00

Sam Wu-MSFT thanks for the answer. I can translate the message: MP Control Manager detected User Service is not responding to HTTP requests.. The http error is 500. Possible cause: IIS service is not responding.
Solution: Manually restart the W3SVC service on the MP. I'm checking the state of SMS__MP___CONTROL__MANAGER and some times works fine and 20 minutes later return the error..
Sam Wu-MSFT 7,561 Reputation points Microsoft External Staff

2023-04-18T10:05:36.29+00:00

@SergiEE Please check if your Frt log is correct, the status code of your error message is 500, but the result you get using frt is 403.7.
SergiEE 140 Reputation points

2023-04-18T16:28:56.39+00:00

Hii! Ok i add the client certificate to personal store and now my request to MP is working correctly:

Im getting the same error in mpcontrol: Call to HttpSendRequestSync failed for port 443 with status code 500, text: Internal Server Error SMS_MP_CONTROL_MANAGER 18/04/2023 18:23:40 5344 (0x14E0) Http test request failed, status code is 500, 'Internal Server Error'. SMS_MP_CONTROL_MANAGER 18/04/2023 18:23:40 5344 (0x14E0) I don't know what more can i try... Regards
Sam Wu-MSFT 7,561 Reputation points Microsoft External Staff

2023-04-19T07:57:39.3666667+00:00

@SergiEE These messages cannot reproduce your problem, you still need use the failed request tracking to to see details about 500 error.
SergiEE 140 Reputation points

2023-04-19T11:18:32.96+00:00

@Sam Wu-MSFT i think this is the correct error:

Thanks!!
SergiEE 140 Reputation points

2023-04-20T07:05:45.0066667+00:00

Morning! After delete the duplicated key in webconf, i get different error in IIS but the same at SCCM:
Sam Wu-MSFT 7,561 Reputation points Microsoft External Staff

2023-04-20T07:56:02.63+00:00

@SergiEE It seems that the issue caused by ceritificate on server. Please refer to this thread to check the certificate on server. Then delete the unnecessary certificates.
SergiEE 140 Reputation points

2023-04-21T07:10:36.94+00:00

@Sam Wu-MSFT Morning! I have executed the commands few days ago and I don't know if the output it's correct or not, but it doesn't return nothing. I don't know how more can I or what I should do. In inetpub log I can see this following error: 2023-04-20 21:59:56 10.71.75.44 BITS_POST /CCM_INCOMING/{8A34539E-1324-4250-8878-DD558B8D016E} (bits_error:{236F3846-8EFD-4B5B-B8DB-359E91B6C03F},500,0x8020001F) 443 - 10.71.73.184 Microsoft+BITS/7.8 - 500 0 0 1786 0 TIA!
Sam Wu-MSFT 7,561 Reputation points Microsoft External Staff

2023-04-21T09:34:27.02+00:00

@SergiEE It is difficult to reproduce your problem, I suggest you open a case via: https://support.microsoft.com.
SergiEE 140 Reputation points

2023-04-21T11:03:01.7566667+00:00

I have the case opened :( Thanks for all and I write the solution when we finish. Regards,

Answer 1

Hi all, I add the request summary: User's image



 
0 ms
1.  -GENERAL_REQUEST_START 


SiteId
1 

AppPoolId
SMS Management Point Pool 

ConnId
1610613104 

RawConnId
0 

RequestURL
https://XXXXXXXXXX.com:443/sms_mp/.sms_aut?mplist 

RequestVerb
GET 


0 ms

Verbose
2.  -GENERAL_SET_REQUEST_HEADER 


HeaderName
AspFilterSessionId 

HeaderValue
 

Replace
true 


0 ms

Informational
3.  -GENERAL_ENDPOINT_INFORMATION 


RemoteAddress
::1 

RemotePort
61394 

LocalAddress
::1 

LocalPort
443 


0 ms

Informational
4.  -GENERAL_REQUEST_HEADERS 


Headers
Connection: Keep-Alive
Accept: text/html, application/xhtml+xml, */*
Accept-Encoding: gzip, deflate
Accept-Language: es-ES
Host: XXXXXXXXXX.com
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0) like Gecko
 


0 ms

Informational
5.  -GENERAL_GET_URL_METADATA 


PhysicalPath
 

AccessPerms
44 


0 ms

Informational
6.  -HANDLER_CHANGED 


OldHandlerName
 

NewHandlerName
getauth 

NewHandlerModules
IsapiModule 

NewHandlerScriptProcessor
c:\windows\ccm\getauth.dll 

NewHandlerType
 


16 ms

Informational
7.  -GENERAL_SET_RESPONSE_HEADER 


HeaderName
X-Frames-Options 

HeaderValue
SAMEORIGIN 

Replace
false 


0 ms

Informational
8.  -GENERAL_SET_RESPONSE_HEADER 


HeaderName
X-Content-Type-Options 

HeaderValue
nosniff 

Replace
false 


0 ms

Informational
9.  -GENERAL_SET_RESPONSE_HEADER 


HeaderName
X-XSS-Protection 

HeaderValue
1;mode=block 

Replace
false 


0 ms

Informational
10.  -GENERAL_SET_RESPONSE_HEADER 


HeaderName
Strict-Transport-Security 

HeaderValue
max-age=31536000; includeSubDomains 

Replace
false 


0 ms

Informational
11.  -GENERAL_SET_RESPONSE_HEADER 


HeaderName
X-Powered-By 

HeaderValue
ASP.NET 

Replace
false 


0 ms
12.  -GENERAL_SEND_CUSTOM_ERROR 


HttpStatus
403 

HttpSubStatus
7 

FileNameOrURL
403.htm 



0 ms

Informational
13.  -GENERAL_FLUSH_RESPONSE_START 



0 ms

Informational
14.  -GENERAL_RESPONSE_HEADERS 


Headers
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
X-Frames-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1;mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Powered-By: ASP.NET
 


0 ms

Verbose
15.  -GENERAL_RESPONSE_ENTITY_BUFFER 


Buffer
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> 
<html xmlns="http://www.w3.org/1999/xhtml"> 
<head> 
<title>IIS 8.5 Detailed Error - 403.7 - Client certificate required</title> 
<style type="text/css"> 
<!-- 
body{margin:0;font-size:.7em;font-family:Verdana,Arial,Helvetica,sans-serif;} 
code{margin:0;color:#006600;font-size:1.1em;font-weight:bold;} 
.config_source code{font-size:.8em;color:#000000;} 
pre{margin:0;font-size:1.4em;word-wrap:break-word;} 
ul,ol{margin:10px 0 10px 5px;} 
ul.first,ol.first{margin-top:5px;} 
fieldset{padding:0 15px 10px 15px;word-break:break-all;} 
.summary-container fieldset{padding-bottom:5px;margin-top:4px;} 
legend.no-expand-all{padding:2px 15px 4px 10px;margin:0 0 0 -12px;} 
legend{color:#333333;;margin:4px 0 8px -12px;_margin-top:0px; 
font-weight:bold;font-size:1em;} 
a:link,a:visited{color:#007EFF;font-weight:bold;} 
a:hover{text-decoration:none;} 
h1{font-size:2.4em;margin:0;color:#FFF;} 
h2{font-size:1.7em;margin:0;color:#CC0000;} 
h3{font-size:1.4em;margin:10px 0 0 0;color:#CC0000;} 
h4{font-size:1.2em;margin:10px 0 5px 0; 
}#header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS",Verdana,sans-serif; 
 color:#FFF;background-color:#5C87B2; 
}#content{margin:0 0 0 2%;position:relative;} 
.summary-container,.content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} 
.content-container p{margin:0 0 10px 0; 
}#details-left{width:35%;float:left;margin-right:2%; 
}#details-right{width:63%;float:left;overflow:hidden; 
}#server_version{width:96%;_height:1px;min-height:1px;margin:0 0 5px 0;padding:11px 2% 8px 2%;color:#FFFFFF; 
 background-color:#5A7FA5;border-bottom:1px solid #C1CFDD;border-top:1px solid #4A6C8E;font-weight:normal; 
 font-size:1em;color:#FFF;text-align:right; 
}#server_version p{margin:5px 0;} 
table{margin:4px 0 4px 0;width:100%;border:none;} 
td,th{vertical-align:top;padding:3px 0;text-align:left;font-weight:normal;border:none;} 
th{width:30%;text-align:right;padding-right:2%;font-weight:bold;} 
thead th{background-color:#ebebeb;width:25%; 
}#details-right th{width:20%;} 
table tr.alt td,table tr.alt th{} 
.highlight-code{color:#CC0000;font-weight:bold;font-style:italic;} 
.clear{clear:both;} 
.preferred{padding:0 5px 2px 5px;font-weight:normal;background:#006633;color:#FFF;font-size:.8em;} 
--> 
</style> 
 
</head> 
<body> 
<div id="content"> 
<div class="content-container"> 
  <h3>HTTP Error 403.7 - Client certificate required</h3> 
  <h4>The page you are attempting to access requires your browser to have a Secure Sockets Layer (SSL) client certificate that the Web server recognizes.</h4> 
</div> 
<div class="content-container"> 
 <fieldset><h4>Most likely causes:</h4> 
  <ul> %09<li>The page you are attempting to access requires an SSL client certificate.</li> %09<li>You are browsing to the page using HTTP.</li> %09<li>The client certificate has expired or the effective time has not been reached.</li> %09<li>The root certificate (the Certificate Authority certificate) of the client certificate issuing server is not installed on the Web server.</li> </ul> 
 </fieldset> 
</div> 
<div class="content-container"> 
 <fieldset><h4>Things you can try:</h4> 
  <ul> %09<li>Contact the site administrator to obtain a valid client certificate for the Web site.</li> %09<li>Try browsing to the page using HTTPS.</li> %09<li>If you have a client certificate installed, check if it has expired or if the effective time has not been reached.</li> %09<li>Verify that the root certificate is installed on the Web server.</li> </ul> 
 </fieldset> 
</div> 
 
<div class="content-container"> 
 <fieldset><h4>Detailed Error Information:</h4> 
  <div id="details-left"> 
   <table border="0" cellpadding="0" cellspacing="0"> 
    <tr class="alt"><th>Module</th><td>&nbsp;&nbsp;&nbsp;SCCMDeviceCertAuthModule</td></tr> 
    <tr><th>Notification</th><td>&nbsp;&nbsp;&nbsp;BeginRequest</td></tr> 
    <tr class="alt"><th>Handler</th><td>&nbsp;&nbsp;&nbsp;getauth</td></tr> 
    <tr><th>Error Code</th><td>&nbsp;&nbsp;&nbsp;0x00000000</td></tr> 
     
   </table> 
  </div> 
  <div id="details-right"> 
   <table border="0" cellpadding="0" cellspacing="0"> 
    <tr class="alt"><th>Requested URL</th><td>&nbsp;&nbsp;&nbsp;https://XXXXXXXXXXXcom:443/sms_mp/.sms_aut?mplist</td></tr> 
    <tr><th>Physical Path</th><td>&nbsp;&nbsp;&nbsp;C:\Windows\CCM\SMS_MP\.sms_aut</td></tr> 
    <tr class="alt"><th>Logon Method</th><td>&nbsp;&nbsp;&nbsp;Not yet determined</td></tr> 
    <tr><th>Logon User</th><td>&nbsp;&nbsp;&nbsp;Not yet determined</td></tr> 
    <tr class="alt"><th>Request Tracing Directory</th><td>&nbsp;&nbsp;&nbsp;C:\inetpub\logs\FailedReqLogFiles</td></tr> 
   </table> 
   <div class="clear"></div> 
  </div> 
 </fieldset> 
</div> 
 
<div class="content-container"> 
 <fieldset><h4>More Information:</h4> 
  This error means that the requested URL requires client certificates. The client certificate is used for identifying you as a valid user of the resource. Contact the site administrator for information about how to acquire the correct certificate to use for the Web site. 
  <p><a href="http://go.microsoft.com/fwlink/?LinkID=62293&amp;IIS70Error=403,7,0x00000000,9600">View more information &raquo;</a></p> 
   
 </fieldset> 
</div> 
</div> 
</body> 
</html> 
 


0 ms

Informational
16.  -GENERAL_FLUSH_RESPONSE_END 


BytesSent
5845 

ErrorCode
The operation completed successfully.
 (0x0) 


0 ms
17.  -GENERAL_REQUEST_END

Answer 2

SergiEE 140

Update: Can be this the problem? User's image

How can i troubleshoot if only accept internet connections? Is possible local clients are trying to connect and then we get this errors? TIA!!!

Answer 3

Finally I solved this.
The issue is the same at start, we have repeated values (X-Frames-Options) in ApplicationHost.config
Just delete the entries and work's fine.
My problem was we have more than one value repeated, then I delete one and the other one still getting error.
Just repeat the FRT and we check this entry :
<add name="X-XSS-Protection" value="1;mode=block" />
In C:\Windows\CCM\CMUserServiceWindowsAuth and ApplicationHost.config
Before all of this we do a backup of ApplicationHost.config.

I hope it works for you!

Share via

Call to HttpSendRequestSync failed for port 443 with status code 500

3 answers

Your answer