Thursday, January 03, 2013

IIS Error 500 - app pool culprit

I was helping a coworker today with an error trying to get a SharePoint site up and running.  We were able to provision a new web app with SharePoint Central Admin, and were able to create a site collection in that web app, but when we opened up the web app we got the ol' "Internal Server Error 500" error.

What was different with this one was there were no entries in the Windows event viewer or the ULS logs, so I thought it was an issue with IIS - the IIS log did show an entry with a code 500 0 0 23 and 500 0 0 22.  The problem was not with security as I thought, whether an invalid app pool ID, invalid permissions for the app pool account, having anonymous enabled on the site, and so on...

It turned out the problem was a setting with the app pool.  If you go into Advanced Settings for the app pool, the value for Enable 32-Bit Applications was set to True, but the default and proper setting is False, as shown below.



We changed the value back to False, recycled the app pool, and no more error 500!

SharePoint Foundation Event ID 8321, solved

I have two servers running SharePoint 2013 and both were getting the same Event ID 8321 error every 15 minutes or so in the Event Viewer:

A certificate validation operation took 15004.9996 milliseconds and has exceeded the execution time threshold. If this continues to occur, it may represent a configuration issue. Please see http://go.microsoft.com/fwlink/?LinkId=246987 for more details.

I made two changes to solve this, not sure which one did the trick finally but both are worth trying.  The first, my company uses a proxy server, but I didn't have this configured on either server.  The second was to download the latest (December 2012) Root Certificates from Microsoft here:  http://www.microsoft.com/en-us/download/details.aspx?id=35945


So far no more 8321 errors, if they do come back I'll let you know!

Happy 2013!


Updated 5/6/2013...well, turns out it was the first trick that solved this.  My company uses a proxy server to connect out to the Internet, but it's set up with a configuration script.  So...the fix is:

1) Regedit
2) In HKEY_USERS, for each SID based ID (not with _Classes) drill in to:

\Software\Microsoft\Windows\CurrentVersion\Internet Settings

3) Create two keys:

AutoConfigURL, string, set the value to your config script URL
ProxyEnable, DWORD, set to 0

Reboot for good measure.  This did work for me, no more of those pesky errors.

Update 1/21/14:
Found this Support article describing a fix which adds the SharePoint certificate to the trusted certificates store on the server:  http://support.microsoft.com/kb/2625048