Why is the Identity Server on Azure PaaS ASE not running, giving 500.30 error when accessed in the browser on 'identityserverURL'/identity?
Error Details: Identity Server on Azure PaaS is not running, giving 500.30 error when accessed in the browser on 'identityserverURL'/identity.
Orchestrator PaaS logs (after being activated and cleared of PII) shows these 2 errors, saying that it cannot reach Identity, and therefore Orchestrator does not start:
2021-11-03 15:33:52.0287 - ERROR - Orchestrator.Abp.Logging.LogHelper IDX20803: Unable to obtain configuration from: 'https://'identityURL'/identity/.well-known/openid-configuration'.. System.InvalidOperationException: IDX20803: Unable to obtain configuration from: 'https://'identityURL'/identity/.well-known/openid-configuration'.
at async Task<T> Microsoft.IdentityModel.Protocols.ConfigurationManager<T>.GetConfigurationAsync(CancellationToken cancel)
at async Task Microsoft.Owin.Security.OpenIdConnect.OpenIdConnectAuthenticationHandler.ApplyResponseChallengeAsync()
at async Task Microsoft.Owin.Security.Infrastructure.AuthenticationHandler.ApplyResponseCoreAsync()
at async Task Microsoft.Owin.Security.Infrastructure.AuthenticationHandler.ApplyResponseAsync()
at async Task Microsoft.Owin.Security.Infrastructure.AuthenticationHandler.TeardownAsync()
at async Task Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware<TOptions>.Invoke(IOwinContext context)
at async Task Microsoft.Owin.Host.SystemWeb.IntegratedPipeline.IntegratedPipelineContextStage.RunApp(Func<IDictionary<string, object>, Task> entryPoint, IDictionary<string, object> environment, TaskCompletionSource<object> tcs, StageAsyncResult result)
at async Task Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware<TOptions>.Invoke(IOwinContext context)
at async Task Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware<TOptions>.Invoke(IOwinContext context)
at async Task Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware<TOptions>.Invoke(IOwinContext context)
at async Task Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware<TOptions>.Invoke(IOwinContext context)
at async Task Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware<TOptions>.Invoke(IOwinContext context)
at async Task Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware<TOptions>.Invoke(IOwinContext context)
at async Task UiPath.Orchestrator.Web.Owin.GlobalExceptionMiddleware.Invoke(IOwinContext context) in C:/or-bld-ag-7736b785-we/_work/1/s/src/Web/App/Owin/GlobalExceptionMiddleware.cs:line 21
2021-11-03 15:33:55.0049 - ERROR - Orchestrator.tenantId:2.Component:Settings.UiPath.Orchestrator.Web.Common.Filters.UiApiExceptionFilterAttribute System.Net.Http.HttpRequestException: Something went wrong while getting the discovery document.
at async Task<string> UiPath.Orchestrator.Core.IdentityServer.IdentityServerClient.GetAccessTokenAsync()+FactoryAsync(?) in C:/or-bld-ag-7736b785-we/_work/1/s/src/Core/Core/IdentityServer/IdentityServerClient.cs:line 72
at void Abp.Runtime.Caching.CacheExtensions+<>c__DisplayClass9_0<TKey, TValue>+<<GetAsync>b__0>d.MoveNext()
at async Task<object> Abp.Runtime.Caching.CacheBase.GetAsync(string key, Func<string, Task<object>> factory) in D:/Github/aspnetboilerplate/src/Abp/Runtime/Caching/CacheBase.cs:line 182
at async Task<TValue> Abp.Runtime.Caching.CacheExtensions.GetAsync<TKey, TValue>(ICache cache, TKey key, Func<TKey, Task<TValue>> factory) in D:/Github/aspnetboilerplate/src/Abp/Runtime/Caching/CacheExtensions.cs:line 60
at async Task<string> UiPath.Orchestrator.Core.IdentityServer.IdentityServerClient.GetAccessTokenAsync() in C:/or-bld-ag-7736b785-we/_work/1/s/src/Core/Core/IdentityServer/IdentityServerClient.cs:line 53
at async Task<HttpResponseMessage> UiPath.Orchestrator.Core.IdentityServer.IdentityServerClient+IdentityServerHandler.SendAsync(HttpRequestMessage request, CancellationToken cancellationToken) in C:/or-bld-ag-7736b785-
To confirm this issue, set the identity server web.config's hostingmodel from "inprocess" to "outofprocess", enable the stdoutLogs, and add the handlers as shown below:
After that, restart the app service, reproduce the issue, and check the Application Event Logs in the Azure Portal (under Diagnose and Solve Problems blade) if this exception appears:
Application '/LM/W3SVC/397715194/ROOT/identity' with physical root 'D:\home\site\wwwroot\UiPath.IdentityServer.Web\' hit unexpected managed exception, exception code = '0xe0434352'. Please check the stderr logs for more information.
Process Id: 6404.
File Version: 13.1.20169.6. Description: IIS ASP.NET Core Module V2 Request Handler. Commit: 62c098bc170f50feca15916e81cb7f321ffc52ff
Application: UiPath.IdentityServer.Web.exe
CoreCLR Version: 4.700.20.26901
.NET Core Version: 3.1.6
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation.
---> System.IO.FileNotFoundException: Could not load file or assembly 'System.Diagnostics.Tracing, Version=4.2.1.0, Culture=neutral, PublicKeyToken=xxxxxxxxxxxxx'. The system cannot find the file specified.
File name: 'System.Diagnostics.Tracing, Version=4.2.1.0, Culture=neutral, PublicKeyToken=xxxxxxxxxxxxx'
at StartupHook.Initialize()
--- End of inner exception stack trace ---
at System.RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor, Boolean wrapExceptions)
at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
at System.StartupHookProvider.CallStartupHook(StartupHookNameOrPath startupHook)
at System.StartupHookProvider.ProcessStartupHooks()
Resolution:
The temporary solution is to disable Application Insights, as shown in Application Monitoring for Azure App Service and ASP.Net Core . Turning Application Insights back on in any version < 2020.10.9 will still give errors.
- The main solution is to upgrade the Orchestrator version on Azure to a version > 2020.10.9.
Application Insights can be utilized as expected.