Ok, this is a bit of a doozy. I've been saddled with a SharePoint 2013 on prem site and a few web parts are having issues getting information from an Oracle server. I'm trying to troubleshoot the connection, but I can't even access the Secure Store Service to find out if the connection is working or where the connection is going. When I try to get in there, I get "Sorry, this site hasn't been shared with you." When I check the ULS logs, it has a couple errors: EventID 8311 (SSL policy errors have been encountered) and EventID 7557 (Secure Store Service Proxy is not accessible). What's extra weird, is the server it's trying to communicate with is the same server, just on port 32844. I'm using an account that can access most sites and features.
To make matters more interesting, the Central Admin site isn't accessible in https, only http. I'm really at a loss as to where to go.
I've tried the following code, but it says "cannot update the secure store master key. Exception calling 'Invoke' with '2' arguments"
$sa = Get-SPServiceApplication 9ebf067e-2161-42b5-87ac-9c6f0a3eaf66;
$proxy = Get-SPServiceApplicationProxy 4d13d637-d6e5-41d4-a7ea-0c9aef3d7769;
$sp_secure_store_passpharse_new = "micro8845";
try{
##BUG with Update-SPSecureStoreMasterKey => Didn't work properly
#HotFix: Reverse engineering on classes:
#-> Microsoft.Office.SecureStoreService.Server.SecureStoreServiceApplication
#-> Microsoft.Office.SecureStoreService.Server.SecureStoreServiceApplicationProxy
#-> Microsoft.Office.SecureStoreService.Server.KeyManagement.KeyManager
#-> Microsoft.Office.SecureStoreService.Server.CryptoHelper
$ass = $sa.GetType().Assembly
$CryptoHelperType = $ass.GetType("Microsoft.Office.SecureStoreService.Server.CryptoHelper")
$GetPassPhraseHashMethod=$CryptoHelperType.GetMethod("GetPassPhraseHash");
$proxyType = $proxy.GetType();
$IsMasterSecretKeyPopulated = $proxyType.GetMethod("IsMasterSecretKeyPopulated",[Reflection.BindingFlags]"NonPublic,Instance")
$SetChangeKeyPassphrase = $proxyType.GetMethod("SetChangeKeyPassphrase",[Reflection.BindingFlags]"NonPublic,Instance")
$SetKey = $proxyType.GetMethod("SetKey",[Reflection.BindingFlags]"NonPublic,Instance", $null, [type[]]@([string]), $null)
if(-not $IsMasterSecretKeyPopulated.invoke($proxy,$null)){
#ChangeKey with the proxy is buggy
#$proxy.ChangeKey( $proxy.GetChangeKeyToken(), $sp_secure_store_passpharse_new );
#Fallback by using the service application directly
$token = $sa.GetChangeMasterSecretKeyToken();
$sa.ChangeMasterSecretKey($token, $GetPassPhraseHashMethod.Invoke($null, $sp_secure_store_passpharse_new) );
$c=0;
while(-not $IsMasterSecretKeyPopulated.invoke($proxy,$null)){
$c++;
if($c -ge 20){
Write-Error $("The master key cannot be populated!");
}
sleep 1;
}
}
$SetChangeKeyPassphrase.invoke($proxy, @($sp_secure_store_passpharse_new));
$SetKey.invoke($proxy,$sp_secure_store_passpharse_new);
}catch{
Write-Error $("Cannot update the secure store master key.`n{0}" -f $_.Exception.Message);
}
The browser had to be started as an administrator. Now, I am able to do everything I need to do.