10.2.600.5 Kinetic forms not working in TEST

Epicor ERP 10
1

I have 2 environments at the same patch level but on different servers.
In my dev environment, everything’s working great. In my test environment, I am unable to access any kinetic form.
When I naviate to the active home page URL, dev works but test does not.
Dev:

image
image1296×529 65.1 KB

Test:
image
image1179×493 12.9 KB

Attempting to open any kinetic form in the test environment gives this error:
image

image
image1126×337 89.4 KB

I have a feeling this is an IIS setting but not sure where to look as at first glance, both look similarly configured.

These are running on two separate boxes.

Any good place to start?

2

Same server?

3

Different servers

4

Do you have https binding enabled in IIS on the Dev server?

5

Yes, https binding is enabled on both servers. There are different certs however

6

Is the Cert valid? (can you generate a new one?)

7

Can you browse (Internet Explorer or Fire Fox) to just https://YourServer/

8

The cert is valid, I suppose I could try applying a different cert. This test environment is on the production machine and same IIS instance so I’m a little hesitant to make any changes to it :grimacing:

9

oh yeah no don’t touch it lol

10

Noticed it’s the same with the API help pages. The Dev server works just fine whereas the Prod server kicks back the same error: ERR_HTTP2_INADEQUATE_TRANSPORT_SECURITY

Interesting; the URL for the Test environment works just fine in Edge but not chrome

11

Its using a lower (too low) TLS version. Probably your server just needs an update
Chrome is mighty bitchy about that stuff.

2 Likes
12

Ok, I’ll pass this info along to my sysadmin and see what he can do to upgrade to a higher TLS version.
I owe you so many beers!

Thanks

13

The cipher that cert is using is probably considered “weak” (by the google monster… they like to wave their big stick)

And Epicor uses embeded chrome for all their stuff.

1 Like
14

Chrome aside, upgrading to a higher TLS should theoretically fix the kinetics form issues I assume as well, but I’ll report back if that didn’t fix

1 Like
15

Well crud, TLS 1.2 was already enabled and the server rebooted but the same result persists. I also tried swapping out the ssl cert bound to 443 on Epicor, restarted the website, recycled IIS, but same results.

We did notice there are far less ciphers in the registry on the production server than on the dev server, and all works well on the dev server.
Is it perhaps we that we need to add those ciphers to the registry on the production server?

image
image1864×911 266 KB

16

Maybe something in this older thread to help.

2 Likes
17

You can switch on schannel logging. It will require restart as well but at least you will be able to see viable info in event viewer

1 Like
18

Ok I’ll try that. Thanks guys much appreciated I’ll report back

19

here Enable Schannel event logging in Windows - Internet Information Services | Microsoft Learn
I would set 7 to get everything.

20

We ran this tool and applied the best practices, restarted the machine to make the registry edits stick but no luck. Ugh

1 Like