Saturday, May 23, 2020

Sitecore Identity Server Azure AD plugin and "Site can't be reached" error

Recently we ran into an issue while configuring Azure AD plugin in Sitecore Identity Server. After enabling the plugin and double-checking of the Tenant and Client IDs values we were still getting the following error when the user would return from Azure back to Sitecore Identity Server endpoint.

Running a Fiddler trace showed that when the request is made to the Sitecore Identity Server the error code that is returned was 400 - Request too long. After several hours of trying different things and googling for the "Sitecore can't be reached" error, I finally found the cause of our issue. 

A very nice and detailed blog that I found explained not only the issue but also provided the solution which worked perfectly in our solution. You can find it at https://topic.alibabacloud.com/a/modify-maxfieldlength-and-maxrequestbytes-to-completely-resolve-request-too-long-problem-_win-server_8_8_20115811.html

Apparently "when IIS7/7.5 receives a request header that is longer than 16K (the default), a bad request-request Too Long is raised. HTTP Error 400. The size of the request headers is too long. of errors."

To resolve this error we added the two registry keys that the blog was calling for. 

In Registry under "Hkey_local_machine\system\currentcontrolset\services\http\parameters" we added two DWORD (32-bit) keys:
  1. MaxFieldLength with a value of decimal 32768;
  2. MaxRequestBytes with a value of decimal 32768.
After these changes were made and the server was restarted the error went away!








No comments:

Post a Comment