SharePoint wss 3.0 renders blank page

Posted on 2011-03-06
Last Modified: 2012-05-11
I have SharePoint wss 3.0 installed on two identical machines (one is development, the other is production).

On the development server, I have no problem.  I have implemented PKI with a CAC and it works perfectly.  Attached is a snippet of the web.config file (I changed only some of the literals).

On the production machine I have gone through the exact same steps to configure it but it is not working.  It prompts me for a certificate, prompts me for a CAC, prompts me for PIN number, and then after about 5 seconds of "thinking" I get a blank page.  It is truly a blank page (the HTML generated by IE for a blank page).

Does anyone have any clues?

I am physically in the office on a Sunday, so it's pretty important I get this working.

        <anonymousAuthentication enabled="false" />
        <basicAuthentication enabled="true" />
        <digestAuthentication enabled="false" />
        <windowsAuthentication enabled="false" />
        <iisClientCertificateMappingAuthentication enabled="true" manyToOneCertificateMappingsEnabled="true">
            <add name="Administrator (harper)" enabled="true" permissionMode="Allow" userName="admin" password="[enc:AesProvider:pEdQMgQnLDDpF0EnJieHsdUfkMGi86amMq9T3GOdMgdEbkKh+dTZs99SYLG8o:enc]">
                <add certificateField="Subject" certificateSubField="CN" matchCriteria="HARPER.GEOFF" compareCaseSensitive="true" />
                <add certificateField="Subject" certificateSubField="O" matchCriteria="Franklin Mint" compareCaseSensitive="true" />
                <add certificateField="Subject" certificateSubField="OU" matchCriteria="Coins" compareCaseSensitive="true" />
      <access sslFlags="Ssl, SslNegotiateCert, SslRequireCert" />

Open in new window

Question by:GeoffHarper
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4

Expert Comment

ID: 35052153
What it looks as is that you are trying to use the url on the same server where you have the site and please share if you are using a different host header name, If yes then you will have to add that host header in backward host header check or disable loopback check  in registry, Follow this article : 

Other than that Please check site is in trusted sites and if there is any error in ULS logs or event logs

Author Comment

ID: 35052940

No, I actually haven't tried to load the URL on the same server the site is on.  This is definitely behavior from the client computer.  As I said, the same setup works on a development server but not the production.  The development hostname is setup in DNS the same way production is, but with the letters "test" added to the machine name part.

I did earlier today add the host in that backward host header check but have not tried the disable loopback.
LVL 12

Expert Comment

ID: 35055256

Do you have an Alternative Access Mapping for the host header?  If not, your request is probably not getting passed from IIS to SharePoint.
Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!


Author Comment

ID: 35055984

Thanks for the idea.  I was pretty sure I had configured (and I checked; I did) it but you're right, it is acting as if there was no Alternate Access Mappings.  I double-checked to make sure hoping it was blank, but, alas, I configured it.

Any other ideas are welcome, even if you think I must have already thought of them!
LVL 12

Accepted Solution

Hairbrush earned 500 total points
ID: 35056390

How about trying this:

On your test/production server, fire up ULSViewer ( and then do an IISReset.  On your client, refresh your page.  Watch in ULSViewer to see what ULS log entries are written.  If nothing comes up, you know you've still got a config issue preventing your request getting to SharePoint.  If you do see entries, they might indicate the problem.

Author Comment

ID: 35056858

Ok, I'll try it.  Unfortunately, I won't be able to try it until lunchtime or after work because people are using the site.  They are currently using user/password to get in and my instructed goal is to allow logons by CAC only.

Author Comment

ID: 35063039

Ok, this was good in that it narrows it down!  I saw nothing.  Later I did observe the kind of stuff showing a bit of what SharePoint is doing when running it, so it was interesting.

I did this again just to make sure, and NOTHING.

So, the problem lies somewhere before the URL gets passed off to SharePoint, right?

I don't have a clue right now.  Also, a reminder that this whole thing works on my development machine, just not the production.

I have just spent some time comparing applicationHost.config and web.config files and other than the expected differences (test url name, machine name, etc.) they are the same.

Any ideas?
LVL 12

Expert Comment

ID: 35067939
To get the site onto the production machine, did you transfer it by backup and restore of the SQL database, and then you did you configure the different host header name in IIS?  If so, I think that is where the problem lies.  You should extend the site, following the procedure described in one or more of the pages below:{72C1C85B-1D2D-4A4A-90DE-CA74A7808184}&pID=804

Let me know how you get on.


Assisted Solution

GeoffHarper earned 0 total points
ID: 35069284

No, I didn't do a restore.  I actually only modified web.config and applicationHost.config on the development side to get this working, so I manually merged my changes into the same files on production.

However, that is now a moot point.  I have solved the issue.

The ULSViewer pointer really helped a lot because prior to running it, I was convinced that SharePoint was the culprit.

As I began to search for "IIS blank page" and the like, I found this link
which allowed me to see that there actually was an error 403 occurring!  I turned on the "detail" for "Error Pages" under the site's config GUI (BTW, "Failed Request Tracing" doesn't work on this machine; I get an error when I try to configure it or turn it on) and It said that the client's certificate was invalid, expired, revoked, or server couldn't verify it.

This clued me in to something I disabled about a year ago: The CRL (Certificate Revocation List) check.  We have a machine which is not on the Internet; it is only on a secured Intranet and there are no CRLs available so our only choice is to leave it disabled.  So, I thought that somehow it must have been turned back on so I ran my .BAT file which sets the registry entry (see 2nd comment: Then I rebooted (you have to for it to take effect).

I still had the same problem!  So, I went into the registry to actually look at the value under the "" key and it was "1" (which is disabled; correct)!  What I saw though, and had no idea existed, were parallel keys with the specific IP address spelled out.  That's the key IIS was looking at.  The value under that key needed to be set.  Once I changed that and rebooted, it all works perfectly!

Now, I am still new to this experts-exchange process of "Accept Solution" and "Accept and award points" so do you get the points because you helped me arrive at my answer, or don't get points because you didn't give the solution?

LVL 12

Expert Comment

ID: 35069468
Hi Geoff

Really glad you reached a solution.

There is a useful guide on how best to close a question here:

In this instance you could either:

Accept an Expert's Comment as the Solution on the basis that a particular comment "led you to the solution"


accept your own comment as the solution but click "Accept and Award Points" to award points for a comment that helped you

You are also asked to grade the solution.  An answer is worth an A, unless it doesn't resolve your issue. If it requires you to do a little more research, then it's worth a B.

Hope this helps!

Author Closing Comment

ID: 35120593
Expert really helped the process along by suggesting ULSViewer - this led to the solution.

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
IIS Cache Control settings 2 64
jQuery parseHTML 6 89
Error 2147220960, SendUsing configuration invalid. error received while trying to send   email 14 49
Access 2010 7 90
If you don't have the right permissions set for your WordPress location in IIS, you won't be able to perform automatic updates. Here's how to fix the problem.
These days socially coordinated efforts have turned into a critical requirement for enterprises.
The viewer will learn how to simulate a series of coin tosses with the rand() function and learn how to make these “tosses” depend on a predetermined probability. Flipping Coins in Excel: Enter =RAND() into cell A2: Recalculate the random variable…
The viewer will learn how to create a normally distributed random variable in Excel, use a normal distribution to simulate the return on an investment over a period of years, Create a Monte Carlo simulation using a normal random variable, and calcul…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question