none
AS2 Encoding problem RRS feed

  • Question

  •  

    Hi guys, I'm having a strange issue . After receiving and processing an AS2 message (encoded), whenever the response part of the port tries to get back with the MDN I get:

     

    A BTS MIME error was encountered when attempting to encode a message. Error: Exception of type 'Microsoft.BizTalk.Component.MIMEException' was thrown., HResult:-2146885628

     

    Any ideas?

    Monday, August 13, 2007 1:38 PM

Answers

  • Hello!

     

    This error means that S/MIME component is not able to retreive a certificate from a certificate store.

     

    Please double check the following:

     

    1) Your certificate services are running.

    2) Host instance used when generating an MDN is able to access profile with certificate specified. If you are generating a sync MDN then it will be generated from a isolated host instance, which runs under your IIS account. By default profile for IIS is not loaded, and that might give you this problem.

     

    Thank you,

    Yury

    Monday, August 13, 2007 7:08 PM
  • There can be multiple approaches to this. Here is one approach:

     

    1) [Isolate problem] Try to use the same account both for isolated host user and in-process user. If it will solve the problem, then we'll know that the problem is isolated. You can configure this in BizTalk mmc under hosts node.

    2) [Possible solution] Create an empty service running under the same account as a isolated host user. This service will force a profile to be loaded at all time this service is running.

     

    Thank you,

    Yury

    Monday, August 13, 2007 8:27 PM

All replies

  • Are you using certificates? This error generally comes up when the certificates are not setup correctly.

     

    Farida

    Monday, August 13, 2007 5:31 PM
  • Well Farida, thanks for the answer.

     

    Yes, I installed Certificates Services in Windows 2003 , created a new cert. and aprroved it.

     

    Finally, in the signing configuration for the Biztalk Group to encode the MDN I choose that certificate, still I get that error.

     

    Any ideaS?

    Victor

     

    Monday, August 13, 2007 5:36 PM
  • I assume that you want to sign the outgoing MDN.

     

    Make sure that the certificate is located in the correct store.

     

    Example: You are sending MDN over HTTP SEND running under HostA using AccountX

    Open certificate MMC using AccountX. Make sure that your private key is located at Current user\Personal store

     

    Make sure that the certificate can work as a signing certificate. If you open the certificate, the key usage should mention 'digital signing'

     

    Thanks

    Farida

     

    Monday, August 13, 2007 5:55 PM
  • Dear Farida:

    Exactly, I double checked and I have a certificate with this key usage:

     

    Digital Signature, Non-Repudiation, Key Encipherment, Data Encipherment

     

    And it mentions that I have a private key for the selected certificate.

     

    It's configurated only in the Biztalk Group as the certificate to sign the outgoing messages, not in any other port of course or receive location.

    Monday, August 13, 2007 6:49 PM
  • Hello!

     

    This error means that S/MIME component is not able to retreive a certificate from a certificate store.

     

    Please double check the following:

     

    1) Your certificate services are running.

    2) Host instance used when generating an MDN is able to access profile with certificate specified. If you are generating a sync MDN then it will be generated from a isolated host instance, which runs under your IIS account. By default profile for IIS is not loaded, and that might give you this problem.

     

    Thank you,

    Yury

    Monday, August 13, 2007 7:08 PM
  • Thanks for the answer Yury.

     

    1) The first item is ok, certificate services are running. In fact, they're on the same box as Biztalk.

    2) Yes, I'm generating sync MDN.  What should I configure then to avoid the not loaded profile problem?

     

    Thanks again,

    Victor

    Monday, August 13, 2007 7:18 PM
  • There can be multiple approaches to this. Here is one approach:

     

    1) [Isolate problem] Try to use the same account both for isolated host user and in-process user. If it will solve the problem, then we'll know that the problem is isolated. You can configure this in BizTalk mmc under hosts node.

    2) [Possible solution] Create an empty service running under the same account as a isolated host user. This service will force a profile to be loaded at all time this service is running.

     

    Thank you,

    Yury

    Monday, August 13, 2007 8:27 PM
  • Thanks Yuri, I isolated the problem.  I had certificate config problems!!!

     

    Thanks again

     

    Monday, August 20, 2007 9:06 PM
  • Hi Victor,

     

    I am also facing the same problem as you were.....

     

    Can you please guide me on what all things to check when verifying certificate configurations...

     

    Below is the error that I see in HAT of Biztalk at the sending step:

     

    There was a failure executing the send pipeline: "Custom Pipeline" Source: "MIME/SMIME encoder" Send Port: "E:\Test\%SourceFileName%_%MessageID%.txt" Reason: Exception of type Microsoft.BizTalk.Component.MIMEException was thrown.
    Exception of type Microsoft.BizTalk.Component.MIMEException was thrown.

     

    Can you help me with this..??

     

    Thanks in Advance..!!

     

    Ravi

     

    Thursday, November 15, 2007 10:05 AM
  • Ok... pray tell... what were these "certificate config problems" ?? 

     

    Thursday, December 20, 2007 6:51 PM
  • I was having the same problem. What I did to resolve it was to remove the certificates used for signing and encryption in both the personal stores and the Other people stores, and install a private key file and then reinstall the original certificates. (In MMC). The private key file has a .pfx extension.

    The certificates should come up when you double click them saying 'You have a private key that corresponds to this certificate'. The errors stopped and the message sent.
    Monday, June 2, 2008 9:32 PM