Troubleshoot MID Server connectivity with the instanceSummary<!-- /*NS Branding Styles*/ --> .ns-kb-css-body-editor-container { p { font-size: 12pt; font-family: Lato; color: #000000; } span { font-size: 12pt; font-family: Lato; color: #000000; } h2 { font-size: 24pt; font-family: Lato; color: black; } h3 { font-size: 18pt; font-family: Lato; color: black; } h4 { font-size: 14pt; font-family: Lato; color: black; } a { font-size: 12pt; font-family: Lato; color: #00718F; } a:hover { font-size: 12pt; color: #024F69; } a:target { font-size: 12pt; color: #032D42; } a:visited { font-size: 12pt; color: #00718f; } ul { font-size: 12pt; font-family: Lato; } li { font-size: 12pt; font-family: Lato; } img { display: ; max-width: ; width: ; height: ; } } Troubleshoot a MID Server that shows as down when the following conditions are met: MID Server service is up and running.You can connect to the instance from the MID Server host using a browser.You can ping the instance from the MID Server host.No Windows firewall is configured.A proxy may be configured on the MID Server. Release<!-- /*NS Branding Styles*/ --> .ns-kb-css-body-editor-container { p { font-size: 12pt; font-family: Lato; color: #000000; } span { font-size: 12pt; font-family: Lato; color: #000000; } h2 { font-size: 24pt; font-family: Lato; color: black; } h3 { font-size: 18pt; font-family: Lato; color: black; } h4 { font-size: 14pt; font-family: Lato; color: black; } a { font-size: 12pt; font-family: Lato; color: #00718F; } a:hover { font-size: 12pt; color: #024F69; } a:target { font-size: 12pt; color: #032D42; } a:visited { font-size: 12pt; color: #00718f; } ul { font-size: 12pt; font-family: Lato; } li { font-size: 12pt; font-family: Lato; } img { display: ; max-width: ; width: ; height: ; } } All supported releases Instructions<!-- /*NS Branding Styles*/ --> .ns-kb-css-body-editor-container { p { font-size: 12pt; font-family: Lato; color: #000000; } span { font-size: 12pt; font-family: Lato; color: #000000; } h2 { font-size: 24pt; font-family: Lato; color: black; } h3 { font-size: 18pt; font-family: Lato; color: black; } h4 { font-size: 14pt; font-family: Lato; color: black; } a { font-size: 12pt; font-family: Lato; color: #00718F; } a:hover { font-size: 12pt; color: #024F69; } a:target { font-size: 12pt; color: #032D42; } a:visited { font-size: 12pt; color: #00718f; } ul { font-size: 12pt; font-family: Lato; } li { font-size: 12pt; font-family: Lato; } img { display: ; max-width: ; width: ; height: ; } } Step 1. Check the MID Server agent log Check the MID Server agent log for the following errors: 10/01/19 09:07:23 (175) StartupSequencer WARNING * WARNING org.apache.commons.httpclient.ConnectTimeoutException: The host did not accept the connection within timeout of 10000 ms when posting to https://<instance>.service-now.com/InstanceInfo.do?SOAP10/01/19 09:07:23 (175) StartupSequencer SEVERE ERROR SOAP Request: <SOAP-ENV:Envelope xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:tns="http://www.service-now.com/GetMIDInfo" xmlns:m="http://www.service-now.com" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><SOAP-ENV:Body><m:execute></m:execute></SOAP-ENV:Body></SOAP-ENV:Envelope>10/01/19 09:07:23 (175) StartupSequencer SEVERE ERROR SOAP Response: Status code=0, Response body=null10/01/19 09:07:23 (175) StartupSequencer SEVERE ERROR Problem invoking InstanceInfo on https://<instance>.service-now.com/: Please check that the InstanceInfo page exists in the sys_public table and active="true".10/01/19 09:07:23 (175) StartupSequencer SEVERE ERROR org.apache.commons.httpclient.ConnectTimeoutException: The host did not accept the connection within timeout of 10000 ms when posting to https://<instance>.service-now.com/InstanceInfo.do?SOAP(Network Configuration issue) Please check that the MID server can ping the instance: https://<instance>.service-now.com/You may also need to configure the network that the MID server uses to allow traffic over TCP port 443.10/01/19 09:07:23 (175) StartupSequencer SEVERE ERROR * test failurejava.lang.IllegalStateException: Unable to connect to instance.at com.service_now.mid.services.StartupSequencer.runTests(StartupSequencer.java:386)at com.service_now.mid.services.StartupSequencer$Starter.run(StartupSequencer.java:349) Step 2. Check SOAP calls During the startup sequence, the MID Server checks connectivity with the instance by invoking a SOAP call to the following URL (replace <instance> with your instance name): https://<instance>.service-now.com/InstanceInfo.do?SOAP When you go to this URL, you should receive the following response: <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"> <SOAP-ENV:Header/> <SOAP-ENV:Body> <SOAP-ENV:Fault> <faultcode>SOAP-ENV:Server</faultcode> <faultstring> Error completing SOAP request - Only HTTP POST supported </faultstring> <detail>Error completing SOAP request</detail> </SOAP-ENV:Fault> </SOAP-ENV:Body> </SOAP-ENV:Envelope> This is the expected response because InstanceInfo.do?SOAP does not accept GET requests. To view this message in the browser, turn off friendly message display. This browser test is not comprehensive. Some firewalls or proxy servers allow traffic initiated from a browser but block other traffic by filtering the user-agent or other HTTP header fields. In this case, testing the URL in a browser works but the MID Server still cannot connect. To perform a more thorough test, use a SOAP client tool such as Postman to perform a SOAP POST call to the instance with the following information: HTTP URL: https://<instance>.service-now.com/InstanceInfo.do?SOAP HTTP Headers: Content-Type: text/xml;charset=UTF-8 user-agent: internal_soap_client SOAPAction: Get HTTP Body: <SOAP-ENV:Envelope xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:tns="http://www.service-now.com/GetMIDInfo" xmlns:m="http://www.service-now.com" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><SOAP-ENV:Body><m:execute><table xsi:type="xsd:string">ecc_agent_log</table></m:execute></SOAP-ENV:Body></SOAP-ENV:Envelope> You should receive a response with tags containing information from your instance: <?xml version="1.0" encoding="UTF-8"?> <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <SOAP-ENV:Body> <executeResponse xmlns="http://www.service-now.com"> <result> <install_name>XXXX</install_name> <instance_name>myinstance</instance_name> <instance_id>XXXX</instance_id> <build_date>XXXX</build_date> <build_tag>XXXX</build_tag> <system_id>XXXX</system_id> <node_id>XXXX</node_id> <instance_ip>XXXX</instance_ip> <mid_buildstamp>mXXXX</mid_buildstamp> <mid_version>XXXX</mid_version> </result> </executeResponse> </SOAP-ENV:Body> </SOAP-ENV:Envelope> If your MID Server runs on Linux, you can use cURL instead: curl --header 'Content-Type: text/xml;charset=UTF-8' --header 'SOAPAction: Get' --header 'user-agent: internal_soap_client' --data '<SOAP-ENV:Envelope xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:tns="http://www.service-now.com/GetMIDInfo" xmlns:m="http://www.service-now.com" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><SOAP-ENV:Body><m:execute><table xsi:type="xsd:string">ecc_agent_log</table></m:execute></SOAP-ENV:Body></SOAP-ENV:Envelope>' https://myinstance.service-now.com/InstanceInfo.do?SOAP | xmllint --format - Step 3. Check MID Server proxy settings Check the MID Server proxy settings in the /agent/config.xml file: <parameter name="mid.proxy.use_proxy" value="true"/><parameter name="mid.proxy.host" value="proxy.company.net"/><parameter name="mid.proxy.port" value="803"/> Configure your browser with the same proxy settings and test connectivity using the URL from Step 2: https://<instance>.service-now.com/InstanceInfo.do?SOAP Step 4. Check the InstanceInfo Scripted Web Service Check the InstanceInfo Scripted Web Service for any customizations: https://<instance>.service-now.com/nav_to.do?uri=sys_web_service.do?sys_id=0cbfe98d83301000dada83ec37d929c8 Step 5. SSL troubleshooting To find the IP address of the instance, see Finding the IP address information for your instance. Alternatively, you can use the following commands: ping instance_name dig +noall +answer instance_name If you suspect an SSL negotiation issue, enable SSL debugging: On the MID Server, open the ../agent/conf/wrapper-override.conf file.Add the following line at the bottom of the file: wrapper.java.additional.3=-Djavax.net.debug=sslRestart the MID Server service.Review the SSL debugging information in the wrapper.log file. Important: Remove this line and restart the MID Server when you complete your investigation. Look for the following information in the log: trustStore is: <Install>\agent\jre\lib\security\cacertsTLS protocol version (TLSv1.2)Cipher Suites in ClientHelloCipher Suites in ServerHello If you run a Wireshark packet capture on the MID Server host, you can view the SSL session handshake. Filter by the IP address of the instance. The SSL handshake should follow this sequence: MID Server Client Hello → Instance← Server Hello← Certificate← Server Key Exchange← Hello DoneClient Key Exchange → Change Cypher Spec → Encrypted Handshake Message → ← Change Cypher Spec← Encrypted Handshake Message← Application Data →