Jaa


Configuring BTARN on x64 boxes

As x64 O/S's start to become the norm documenting the additional steps required to configure BTARN to work with these may be helpful. Most of this information is documented in the troubleshooting or "known issues" section of the product documentation. The most important thing to know is BTARN is 32-bit.

The information provided here addresses Windows Server 03 x64 and 08. The changes are to IIS so these would apply to other operating systems depending on the version of IIS. BizTalk provides configuration guidance to enable x64 processing. This is not compatible with BTARN. Review these steps if 404's or 500's are showing up in the application log when attempting to operate BTARN.

Web Service Extensions

Windows 03 (IIS 6.0)

Open IIS manager and check the web extensions. Make sure the BizTalk externsion is not set to the x64 version. It should be "C:\Program Files (x86)\Microsoft BizTalk Server 2006\HttpReceive". The next configuration is a couple of command lines. The first sets processing to 32-bit and the second installs .Net.

cscript %SystemDrive%\inetpub\AdminScripts\adsutil.vbs set w3svc/AppPools/Enable32bitAppOnWin64 1

C:\WINDOWS\Microsoft.NET\Framework64\v2.0.50215>aspnet_regiis.exe -i

This may not be necessary if the ASP .Net 2.0 32-bit entry is visible and enabled under "Web Extensions". If this is not displayed the above code will make the extension available. Be sure to set the value to "allowed".

Windows 08 (IIS 7.0)

Again, BTARN has to run as a 32-bit application. The bigger issue with 08 is the relocation of several configuration options. Here are the instructions to install the BizTalk ISAPI filter from the BizTalk documentation:

Click Start, point to All Programs, point to Administrative Tools, and then click Internet Information Services (IIS) Manager.

Select the root Web server entry and in the Features View, double-click Handler Mappings and then in the Actions pane, click Add Script Map.

Note - Configuring the script mapping at the Web server level will cause this mapping to apply to all child Web sites. If you wish to restrict the mapping to a specific Web site or virtual folder, select the target site or folder instead of the Web server.

In the Add Script Map dialog box, enter BtsHttpReceive.dll in the Request path field.

In the Executable field, click the ellipsis (.) button and browse to drive:\Program Files\Microsoft BizTalk Server 2009\HttpReceive. Select BtsHttpReceive.dll, and then click OK.

Enter BizTalk HTTP Receive in the Name field, and then click Request Restrictions.

In the Request Restrictions dialog box, select the Verbs tab and then select One of the following verbs. Enter POST as the verb.

On the Access tab, select Script, and then click OK.

Click OK and when prompted to allow the ISAPI extension, click Yes.

This works up to a point. Note the location would implement the x64 version. Since BTARN only works as a 32-bit use "C:\Program Files (x86)\Microsoft BizTalk Server 2009\HttpReceive" instead.

Application Pools (app pool)

Make sure to use a custom app pool for each BTARN web virtual folder. Configure them to run under the same identity as the BizTalk service. This is the same for IIS 6.0 or 7.0. Move to the individual web folders and select the app pool for each.

That's it for IIS 6.0. IIS 7.0 requires additional configuration under each app pool. Select the "Advanced" configuration option and look for "Enable 32-bit Applications" setting and change it to "True". This should get BTARN working. Use the "LoopBack" tutorial to verify the configuration.

Client Authentication (ELEMICA)

Client authentication is not required to get BTARN up and running. However, in many cases this is required by partners. The existing procedures work for Windows 03 x64, but 08 is a different animal. The "ELEMICA" whitepaper (https://msdn.microsoft.com/en-us/library/cc563935.aspx) provides the bulk of configuration details. The process for 08 is easier but not unless instruction is provided. The client authentication certificate installation requires more explanation.

Open MMC and add the "Certificates" add-in. Select the machine account and open the "Personal" store. Import the private key used for client authentication.

Right click the new entry and select "All tasks". Select "Manage Keys" and give "Everyone" read access to the key.

The whitepaper includes a link to replacement web pages required to reference the certificate used for client authentication. The documentation is not so clear on the configuration of the web page. The additional parameter in the web.config must point to the public key of the client authentication certificate. This is the unusual situation where both the public and private keys are required.