locked
Document checkout via HTTPS causes FileNotFoundException RRS feed

  • Question

  • Hello,

     

    In our SharePoint 2010 environment, if authenticated users attempt to check out documents externally via https, a ‘File Not Found’ Error is raised and the following error is reported in the ULS logs:

     

    System.IO.FileNotFoundException: The Web application

     at https://vault.domain.com.au/clients/client1/ClientDocuments/test.txt could not be found. Verify that you have typed the URL correctly. If the URL should be serving existing content, the system administrator may need to add a new request URL mapping to the intended application.

     

    However, checking out the document internally (using the same URL but with http instead of https) works fine.

     

    Also, it is only the checkout operation that fails via https; Using https to open the document without checking out works successfully, as does checking IN the document if it is already checked out.

     

    I have tried this in several document libraries in several site collections, and they all cause the same error when trying to check out.

     

    We are using Microsoft Forefront Threat Management Gateway 2010 to publish our SharePoint sites, with HTTPS and HTTP connections enabled, and HTTP traffic redirected to HTTPS. However I am unsure what configurations may be causing an issue, as all operations on documents work except for check out. AAM is configured on the web application, however all Public URLs use the http address. Might i have to change the public URL to use https?

     

    Can anyone please provide any suggestions what may raise this exception?

     

    Thanks


    Nicholas Demos
    Monday, November 21, 2011 2:35 AM

Answers

  • Hi,

     

    Thanks for your reply,

     

    Reviewing my Alternate Access Mappings, I added an additional internal URL to my Intranet zone to use the HTTPS protocol. Thus my alternate access mappings for my web application are as follows:

     

    Internal URL                                                       Zone                      Public URL for Zone

    http://vault.domain.com.au                       Intranet               http://vault.domain.com.au

    https://vault.domain.com.au                     Intranet               http://vault.domain.com.au

     

     

    And this resolved my external document check out issue – clients can now successfully check out documents via HTTPS.

     

    Thanks for your assistance!


    Nicholas Demos
    • Marked as answer by Nicholasd1980 Monday, November 28, 2011 3:47 AM
    Monday, November 28, 2011 3:46 AM

All replies

  • If you're not doing SSL offloading on TMG, you will need to add the SSL AAM to your Web Application.
    http://sharepoint.nauplius.net
    Monday, November 21, 2011 7:19 PM
  • Hi Trevor,

     

    Thanks for your reply.

     

    On my TMG server, in my Web Publishing rule for my SharePoint server, on the Bridging tab I have specified all incoming requests to be redirected to HTTP port 80, which would cause all incoming traffic via HTTP or HTTPS to be routed to that port, so yes SSL offloading is performed on the TMG server.

     

    Not sure if this is relevant, but under the Link Translation tab I have specified Apply link translation to this rule.

     

    Under the properties for the Web listener used by my Web Publishing rule, I have enabled HTTP client connections on port 80, and HTTPS client connections on port 443.

    Then under HTTP to HTTPS Redirection, I have selected Redirect all traffic from HTTP to HTTPS.

     

    To my understanding, this means that all connections to my TMG server are routed through HTTPS, but are then offloaded by the TMG server and directed to my SharePoint server via HTTP.

     

    Is my understanding correct?

     

    Further to this, looking at the ULS logs, I’ve noticed that the FileNotFoundException that is raised states:

     

    System.IO.FileNotFoundException: The Web application

     at https://vault.domain.com.au/clients/client1/ClientDocuments/test.txt could not be found. Verify that you have typed the URL correctly. If the URL should be serving existing content, the system administrator may need to add a new request URL mapping to the intended application.  

     

    But the request is coming from:

     

    Request (POST:http://vault.domain.com.au:80/clients/client1/_layouts/Checkin.aspx?FileName=https%3A%2F%2Fvault%2E domain %2Ecom%2Eau%2Fclients%2Fclient1%2FClientDocuments%2Ftest%2Etxt&Checkout=true&Source=https%3A%2F%2Fvault% domain %2Ecom%2Eau%2Fclients%2Fclient1%2FClientDocuments%2FForms%2FAllItems%2Easpx%3FView%3D%7Bb8442e51%2D5cfb%2D4191%2D855d%2D0e9e36b0eb82%7D%26SortField%3DModified%5Fx0020%5FDate%26SortDir%3DDesc&InitialTabId=Ribbon%2EDocument&VisibilityContext=WSSTabPersistence)

     

    You’ll notice that although the original client request comes from HTTPS, the request has been correctly redirected to HTTP (highlighted in bold above), but the FileName parameter passed into Checkin.aspx retains the original HTTPS URL. I think this is what is raising the FileNotFoundException, as the HTTPS URL is unknown by the web server or AAM.

     

    Shouldn’t this FileName parameter have been changed to use the HTTP protocol?

     

    If I need to add an AAM mapping for this HTTPS URL, how should I add it – as another internal URL?

     

    Thanks for your help.


    Nicholas Demos
    Wednesday, November 23, 2011 3:33 AM
  • Hi,

     

    From your error message, I suggest that you change the public url into https, then see what’s going on.

     

    For internal users, you can add http as an intranet url.

     

    For more information about Securing SharePoint Sites with Forefront TMG 2010, see

     

    http://programming4.us/enterprise/3284.aspx

     

    Thanks,

    Rock Wang


    Regards, Rock Wang Microsoft Online Community Support
    Wednesday, November 23, 2011 9:49 AM
  • Hi,

     

    Thanks for your reply,

     

    Reviewing my Alternate Access Mappings, I added an additional internal URL to my Intranet zone to use the HTTPS protocol. Thus my alternate access mappings for my web application are as follows:

     

    Internal URL                                                       Zone                      Public URL for Zone

    http://vault.domain.com.au                       Intranet               http://vault.domain.com.au

    https://vault.domain.com.au                     Intranet               http://vault.domain.com.au

     

     

    And this resolved my external document check out issue – clients can now successfully check out documents via HTTPS.

     

    Thanks for your assistance!


    Nicholas Demos
    • Marked as answer by Nicholasd1980 Monday, November 28, 2011 3:47 AM
    Monday, November 28, 2011 3:46 AM