Friday, April 24, 2009

Access Edge service terminated with service-specific error 3286842466 (0xC3E93C62)

This morning, a friend of me and former colleague deployed an OCS 2007 R2 environment with an OCS Edge.

The customer should take care of the according firewall rules.

After completing the deployment, he was unable to start up all the OCS Edge services. He got the following error:
  • Failed starting the protocol stack. The service has to stop
    Error code is:0xC3E93C62 (SIPPROXY_E_NO_DEFAULT_OUTGOING_CERT).Cause: Check the previous entries in the event log for the failure.
In the Event log he found the corresponding error:
  • The Office Communications Server Access Edge service terminated with service-specific error 3286842466 (0xC3E93C62).
When he studied the corresponding certificate, he found the path to the Certificate Revocation Lists Url: http://crl.geotrust.com/crls/secureca.crl

He tried to open the page from the Edge as well from the ISA firewall, but failed.

After re examin the firewall rules he learned that the customer did not set the outbound firewall rule to download certificate revocation lists.
The rule has the be configured as:
  • External
  • Local Port: 80 HTTP.
  • Direction: Outbound (to download certificate revocation lists).
  • Remote Port: Any.
  • Local IP: The external IP address of the Access Edge service.
  • Remote IP: Any IP address.
When he applied the rule, he was able to start the Access Edge service and tested with success Open Federation.
Posted by at
Labels: , , ,

2 comments:

  1. Juan M.July 3, 2009 at 3:55 PM

    I had the same problem, and it was caused due to a public certificate renew process. Checking at previous logs at the event viewer i saw there was a problem with the validity of my certificates.

    ReplyDelete
  2. Juan M.July 3, 2009 at 3:56 PM

    problem was solved as soon as I loaded the OCS console and selected the real and valid public certificate.

    ReplyDelete

Subscribe to: Post Comments (Atom)