Troubleshooting GEM Error Creating Web Proxy

Error

WanderingWiFi.AirWatch.GEM.BusinessImpl.Inventory.ModuleManifestBusiness  Failed to get modules from GEM: System.Configuration.ConfigurationErrorsException: Error creating the Web Proxy specified in the 'system.net/defaultProxy' configuration section. ---> System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.TypeInitializationException: The type initializer for 'WanderingWiFi.AirWatch.PassphraseGenerator' threw an exception. ---> Microsoft.Practices.ServiceLocation.ActivationException: Activation error occured while trying to get instance of type ICacheImplementation, key "" ---> Microsoft.Practices.Unity.ResolutionFailedException: Resolution of the dependency failed, type = "AirWatch.Caching.Wrapper.ICacheImplementation", name = "(none)".

Exception occurred while: while resolving.

Exception is: InvalidOperationException - The current type, AirWatch.Caching.Wrapper.ICacheImplementation, is an interface and cannot be constructed. Are you missing a type mapping?

Microsoft update KB 2919355 has resulted in SHA512 being disabled in Windows when the negotiated protocol is TLS 1.2. AirWatch Admin console is configured to negotiate the most secure SSL/TLS protocols and cipher suites by default. In this case, Transport Layer Security (TLS) 1.2 is the default protocol negotiated. GEM supports TLS 1.2, but will reduce TLS levels to 1.1 or 1.0 if the AirWatch console sever is not compatible with TLS 1.2. When the GEM service is installed on the AirWatch console server, it is automatically configured to use a certificate with SHA512 signature hash algorithm.

In summary, ideally, the AirWatch console server and the GEM server (https://gem.awmdm.com) negotiate TLS 1.2 during the handshake, and a SHA512 certificate is used to authenticate the connection. However, Microsoft does not support this set up, resulting in a failed connection due to anonymous authentication.

 

Affected Versions 

On-Premise environments with Outbound Console Proxy, AirWatch version 8.2+.

Root cause

Interface “ICacheImplementation” added to remove enterprise library caching with System.Runtime.Caching.

 

Workaround 

1. Log in to AirWatch console server.

2. Go to AirWatch installation folder \Services.

3. Back-up AwInstanceInventoryService.exe.

4. Copy the new AwInstanceInventoryService.exe file to the Services folder. 

5. Restart GEM service and check logs for new connection status.

 

Have more questions? Submit a request

0 Comments

Article is closed for comments.