JSS Node Proxy and CSPs

Lately I’ve been digging into JSS delivery topologies and in particular SSR proxy options. As a starting point, I’ve been using the sample node headless proxy from the Sitecore JSS Github repo. In my dev scenario I was hitting a local Standalone Sitecore instance in Docker, and immediately noticed the images being referenced from Sitecore were getting blocked by the Content Security Policy (CSP). This is due to the CSP being set on all requests to the CM via a web.config setting, and then it being repeated back to the browser via the node proxy.

Read More »

JSS headless SSR proxy “unable to verify the first certificate”

When developing a new JSS solution I was looking to have a play locally in headless mode. Unfortunately I hit an issue after standing up a newly minted Sitecore 10 SXA/JSS instance in docker and using it as the apiHost running the node-headless-ssr-proxy sample app locally. After setting up the appropriate values for the proxy and ensuring the react app was in place, I was getting the following error for all SSR layout service requests.

[HPM] Proxy created: /  -> https://xp0cm.localhost
server listening on port 3001!
FetchError: request to https://xp0cm.localhost/sitecore/api/jss/dictionary/jss-sandbox/en?sc_apikey=%7BXXXXXX-XXXX-XXXX-XXXX-XXXXXXXX%7D failed, reason: unable to verify the first certificate
    at ClientRequest.<anonymous> (C:\repos\sandbox\node-proxy\node_modules\node-fetch\lib\index.js:1444:11)
    at ClientRequest.emit (events.js:315:20)
    at TLSSocket.socketErrorListener (_http_client.js:426:9)
    at TLSSocket.emit (events.js:315:20)
    at emitErrorNT (internal/streams/destroy.js:92:8)
    at emitErrorAndCloseNT (internal/streams/destroy.js:60:3)
    at processTicksAndRejections (internal/process/task_queues.js:84:21) {
  type: 'system',
  errno: 'UNABLE_TO_VERIFY_LEAF_SIGNATURE',
  code: 'UNABLE_TO_VERIFY_LEAF_SIGNATURE'
}
Read More »

Symposium 2019 – What to look forward to

Sitecore Symposium 2019 is coming up at the Swan and Dolphin* Resort in Orlando, FL.  I live on the other side of the world from Orlando.  Almost literally. It’ll take me just short of 24 hours flight time to get there.  Add in transit and the inevitable delays, it’s over 30+ hours door to door…..each way. I’ll also be leaving a young family and (very understanding) wife at home.  This bit, in particular I am not looking forward to.

But it’s worth it.Read More »

List binary details with powershell

When troubleshooting Sitecore issues and interacting with support there is often a need to confirm the versions of binaries in your solution. While there are tools to help provide all the information, sometimes its just not possible in some environments.

One particular issue we had required a detailed list of the bin folder. Handily the sitecore does write details of all the binaries at startup to the log. Un-handily, if you’re using Application Insights, you’ll likely have the log message truncated as it tends to exceed the 10,000 character trace message size limit.

Unfortunately it’s not as easy as just dir *.dll, as the details required include assembly names and version. But, powershell to the rescue.


get-childitem .\bin\* -include *.dll
| foreach-object { "{0}`t({1},{2})" -f $_, [System.Diagnostics.FileVersionInfo]::GetVersionInfo($_).Comments, [System.Diagnostics.FileVersionInfo]::GetVersionInfo($_).ProductVersion }
| Out-File -filepath assemblies.txt

This will dump the binary details out to a file in the same format as the Sitecore log would’ve done. If you’re on Azure Web apps, you can run this via the powershell console in KUDU. This file can then easily be downloaded then analysed, compared or submitted to support.

Sitecore Community roundup

TL;DR
All the links:  https://www.one-tab.com/page/hhG8MeijS92Pk8xlCq9eFw

perth

At the most recent meetup of the Perth Sitecore User Group, we tried a bit of a new format. Given we are physically isolated (surrounded by desert and sharks) and in a timezone that bends the space/time continuum, we have come up with some plans to further engage with the community around the world and start some discussions locally.

At the last meetup we kicked it off with Andy Parry  giving a knowledgeable presentation on Universal tracker usage and installation.  Then following a short pizza & beer break we moved into what we are terming the “Sitecore community roundup”.  This is loosely based on the format of the “ASP.Net live community standup” (https://live.asp.net/), which if you haven’t checked out already….do.  I presented a curated a list of blog posts/videos, community news & events that had been shared amongst the wider Sitecore community over the past month or so.   We stepped through each link and gave a quick summary and kudos mentions to the authors before handing over to the floor for discussion.  This worked really well, with participants engaging with related issues/solutions and starting some ad hoc discussion around each topic.  It was a great conversation starter and attendees now have the chance to grab the links list and follow up on the topics that particularly interest them.

In future, we hope to try and engage with authors/contributors in a short, live Q&A or recorded interview typed format, to help foster further interaction with “the outside world”.  If you find yourself reading this and have written a cool post that you’re keen to share, get in touch on twitter of slack.  We’ll be doing this again mid-April.

Last, but not least.  Below is a onetab link to all of the blog posts, videos, community news & events we talked about.  If you wrote/recorded any of those…Thank you for your contribution! We’d love to hear from you to chat about it at a future meetup.

All the links:  https://www.one-tab.com/page/hhG8MeijS92Pk8xlCq9eFw

 

 

 

 

Sitecore 9 slow login – clean up your tickets

We noticed that the login on our CM was degrading, but with no real changes that we thought may affect this.  At it’s worst it was taking up to 45 seconds to login successfully. I  did a quick profile to see what was going on.  Lo and behold a lot of time was being spent hitting the core db looking for existing login tickets, which allows for the remember me functionality to work.

Upon investigating there were LOTS of tickets in the properties table of the core db.  A quick google led me to some older but helpful posts including: https://blog.coates.dk/2016/05/11/sitecore-client-and-logon-is-very-slow-properties-table-again/

As mentioned in this post, there is an agent that is supposed to clean up the tickets once expired, but clearly something was going amiss.  I was able to confirm the CleanupAuthenticationTicketsAgent was running, however it was never picking up any tickets for cleanup.

ManagedPoolThread #2 12:04:16 INFO  Job started: Sitecore.Tasks.CleanupAuthenticationTicketsAgent
ManagedPoolThread #2 12:04:16 INFO  CleanupAuthenticationTicketsAgent: Number of expired authentication tickets that have been removed: 0
ManagedPoolThread #2 12:04:16 INFO  CleanupAuthenticationTicketsAgent: Total number of authentication tickets to process: 0
ManagedPoolThread #2 12:04:16 INFO  Job ended: Sitecore.Tasks.CleanupAuthenticationTicketsAgent (units processed: )

There were definitely tickets that should have expired, so I hit up Sitecore support for some insight.  As it turns out, this is a known bug in 9.0.1 and 9.0.2 as outlined at https://github.com/SitecoreSupport/Sitecore.Support.223702 .  Before installing the patch though, we manually cleared out really old tokens in SQL.

-- EG. This will delete all tickets generated in Dec 2018.  
-- Adjust the date string to suit your needs. Be careful :D

USE {core_database_name};
DELETE
    FROM [dbo].[Properties]
    WHERE [dbo].[Properties].[Key] like '%SC_TICKET%'
    AND [dbo].[Properties].[Value] like '%^201812%';

This had an immediate positive impact to login performance, jumping down to a second or two.

The patch has since been installed and tickets are getting cleaned up happily as reported in the logs.  Happy days.  As always check with support first before installing any patches that may not be appropriate for your specific environment.