First Server Installation for Exchange 2019 CU11 but OWA/ECP Error

Tanisorn Sowudomsilp 106 Reputation points
2022-01-14T13:18:15.85+00:00

Hi All, Please see the picture below, this is first installation for Exchange Server 2019 CU11 but OWA&ECP broken. I do the this KB https://learn.microsoft.com/en-us/exchange/troubleshoot/administration/cannot-access-owa-or-ecp-if-oauth-expired?preserve-view=true#resolution I found the event id: 4999, 1309 and 1003 please see the below, Event ID: 4999 Watson report about to be sent for process id: 15232, with parameters: E12IIS, c-RTL-AMD64, 15.02.0986.015, w3wp#MSExchangeOWAAppPool, M.E.Clients.Common, M.E.C.C.HmacProvider.GetCertificates, M.E.Diagnostics.ExAssertException, cd35-dumptidset, 15.02.0986.015. ErrorReportingEnabled: False ===================================================================================== Event ID: 1309 Event code: 3005 Event message: An unhandled exception has occurred. Event time: 1/14/2022 9:36:47 PM Event time (UTC): 1/14/2022 2:36:47 PM Event ID: c5ad3b7ad1b24a43b2072afc9cef430d Event sequence: 2 Event occurrence: 1 Event detail code: 0 Application information: Application domain: /LM/W3SVC/1/ROOT/owa-2-132866445990448970 Trust level: Full Application Virtual Path: /owa Application Path: C:\Program Files\Microsoft\Exchange Server\V15\FrontEnd\HttpProxy\owa\ Machine name: MEOEX01 Process information: Process ID: 15232 Process name: w3wp.exe Account name: NT AUTHORITY\SYSTEM Exception information: Exception type: ExAssertException Exception message: ASSERT: HMACProvider.GetCertificates:protectionCertificates.Length<1 at Microsoft.Exchange.Diagnostics.ExAssert.AssertInternal(String formatString, Object[] parameters) at Microsoft.Exchange.Diagnostics.ExAssert.RetailAssertT1,T2 at Microsoft.Exchange.Clients.Common.HmacProvider.GetCertificates() at Microsoft.Exchange.Clients.Common.HmacProvider.GetHmacProvider() at Microsoft.Exchange.Clients.Common.HmacProvider.ComputeHmac(Byte[][] messageArrays) at Microsoft.Exchange.HttpProxy.FbaModule.SetCadataCookies(HttpApplication httpApplication) at Microsoft.Exchange.HttpProxy.FbaFormPostProxyRequestHandler.HandleFbaFormPost(BackEndServer backEndServer) at Microsoft.Exchange.HttpProxy.FbaFormPostProxyRequestHandler.ShouldContinueProxy() at Microsoft.Exchange.HttpProxy.ProxyRequestHandler.BeginProxyRequestOrRecalculate() at Microsoft.Exchange.HttpProxy.ProxyRequestHandler.InternalOnCalculateTargetBackEndCompleted(TargetCalculationCallbackBeacon beacon) at Microsoft.Exchange.HttpProxy.ProxyRequestHandler.<>c_DisplayClass280_0.<OnCalculateTargetBackEndCompleted>b_0() at Microsoft.Exchange.Common.IL.ILUtil.DoTryFilterCatch(Action tryDelegate, Func2 filterDelegate, Action1 catchDelegate) at Microsoft.Exchange.HttpProxy.ProxyRequestHandler.CallThreadEntranceMethod(Action method) Request information: Request URL: https://meoex01.meojewelry.com:443/owa/auth.owa Request path: /owa/auth.owa User host address: 192.168.0.23 User: MEOJ\Administrator Is authenticated: True Authentication Type: Basic Thread account name: NT AUTHORITY\SYSTEM Thread information: Thread ID: 12 Thread account name: NT AUTHORITY\SYSTEM Is impersonating: False Stack trace: at Microsoft.Exchange.Diagnostics.ExAssert.AssertInternal(String formatString, Object[] parameters) at Microsoft.Exchange.Diagnostics.ExAssert.RetailAssertT1,T2 at Microsoft.Exchange.Clients.Common.HmacProvider.GetCertificates() at Microsoft.Exchange.Clients.Common.HmacProvider.GetHmacProvider() at Microsoft.Exchange.Clients.Common.HmacProvider.ComputeHmac(Byte[][] messageArrays) at Microsoft.Exchange.HttpProxy.FbaModule.SetCadataCookies(HttpApplication httpApplication) at Microsoft.Exchange.HttpProxy.FbaFormPostProxyRequestHandler.HandleFbaFormPost(BackEndServer backEndServer) at Microsoft.Exchange.HttpProxy.FbaFormPostProxyRequestHandler.ShouldContinueProxy() at Microsoft.Exchange.HttpProxy.ProxyRequestHandler.BeginProxyRequestOrRecalculate() at Microsoft.Exchange.HttpProxy.ProxyRequestHandler.InternalOnCalculateTargetBackEndCompleted(TargetCalculationCallbackBeacon beacon) at Microsoft.Exchange.HttpProxy.ProxyRequestHandler.<>c_DisplayClass280_0.<OnCalculateTargetBackEndCompleted>b_0() at Microsoft.Exchange.Common.IL.ILUtil.DoTryFilterCatch(Action tryDelegate, Func2 filterDelegate, Action1 catchDelegate) at Microsoft.Exchange.HttpProxy.ProxyRequestHandler.CallThreadEntranceMethod(Action method) Custom event details: ==================================================================================== and 1003 [Owa] An internal server error occurred. The unhandled exception was: Microsoft.Exchange.Diagnostics.ExAssertException: ASSERT: HMACProvider.GetCertificates:protectionCertificates.Length<1 at Microsoft.Exchange.Diagnostics.ExAssert.AssertInternal(String formatString, Object[] parameters) at Microsoft.Exchange.Diagnostics.ExAssert.RetailAssertT1,T2 at Microsoft.Exchange.Clients.Common.HmacProvider.GetCertificates() at Microsoft.Exchange.Clients.Common.HmacProvider.GetHmacProvider() at Microsoft.Exchange.Clients.Common.HmacProvider.ComputeHmac(Byte[][] messageArrays) at Microsoft.Exchange.HttpProxy.FbaModule.SetCadataCookies(HttpApplication httpApplication) at Microsoft.Exchange.HttpProxy.FbaFormPostProxyRequestHandler.HandleFbaFormPost(BackEndServer backEndServer) at Microsoft.Exchange.HttpProxy.FbaFormPostProxyRequestHandler.ShouldContinueProxy() at Microsoft.Exchange.HttpProxy.ProxyRequestHandler.BeginProxyRequestOrRecalculate() at Microsoft.Exchange.HttpProxy.ProxyRequestHandler.InternalOnCalculateTargetBackEndCompleted(TargetCalculationCallbackBeacon beacon) at Microsoft.Exchange.HttpProxy.ProxyRequestHandler.<>c_DisplayClass280_0.<OnCalculateTargetBackEndCompleted>b_0() at Microsoft.Exchange.Common.IL.ILUtil.DoTryFilterCatch(Action tryDelegate, Func2 filterDelegate, Action1 catchDelegate) Anybody please help or suggestion me how do the next steps? Thank you very much Tanisorn Sowudomsilp ![![165145-image.png][1]][1] [1]: /api/attachments/165108-image.png?platform=QnA

Microsoft Exchange Online Management
Microsoft Exchange Online Management
Microsoft Exchange Online: A Microsoft email and calendaring hosted service.Management: The act or process of organizing, handling, directing or controlling something.
2,884 questions
Exchange Server Management
Exchange Server Management
Exchange Server: A family of Microsoft client/server messaging and collaboration software.Management: The act or process of organizing, handling, directing or controlling something.
6,084 questions
No comments
{count} votes

Accepted answer
  1. Andy David - MVP 109.5K Reputation points Microsoft MVP
    2022-01-14T13:31:04.823+00:00

    So you replace the OAuth Cert?
    If so, you may need to wait a bit for it take effect. Could be hours.


1 additional answer

Sort by: Most helpful
  1. Falcon IT Services 186 Reputation points
    2022-01-14T13:55:42.787+00:00

    Hello,

    Have you tried a new certificate binding yet? Bind your new certificate in IIS then run iisreset.

    If that doesn't work, create a new self-signed (or Public) certificate, bind it to IIS and then run the iisreset command.

    https://learn.microsoft.com/en-us/exchange/troubleshoot/client-connectivity/owa-ecp-ems-cannot-connect-after-self-signed-certificate-removed

    Miguel Fra
    https://www.falconitservices.com