Edventures in Normalcy

SOLVED SmarterMail Error This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.

Posted by Rose Bush on September 2nd, 2015

When logging into a fresh installation of SmarterMail 13 and below, I was given the following error:

Oops!

There was an issue that caused this page to malfunction.

System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. —> System.InvalidOperationException: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.
at System.Security.Cryptography.MD5CryptoServiceProvider..ctor()
— End of inner exception stack trace —

Server stack trace:
at System.RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor)
at System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
at System.Security.Cryptography.CryptoConfig.CreateFromName(String name, Object[] args)
at System.Security.Cryptography.MD5.Create(String algName)
at System.System_ExtensionMethods7BCA73B06BAB478aA3AC6AC60979BA25.GetMD5Hash(String val)
at MailService.Remoting.RemoteSecurity.GetNewKey()
at MailService.Remoting.Mail.InitializeSession()
at System.Runtime.Remoting.Messaging.StackBuilderSink._PrivateProcessMessage(IntPtr md, Object[] args, Object server, Object[]& outArgs)
at System.Runtime.Remoting.Messaging.StackBuilderSink.SyncProcessMessage(IMessage msg)

Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at SmarterMail.RemoteInterface.IMail.InitializeSession()
at SmarterTools.SmarterMail.Remoting.RemoteMail.InitializeSession()
at SMWeb.HelperClasses.Security.LoginHelper.DoLogin(String email, String password, Boolean impersonationLogin, String visitorIpAddress)
at SMWeb.Login.DoLoginInternal(String username, String password, Boolean rememberMe)
at SMWeb.Login.DoLogin()
at SMWeb.Login.btnLogin_Click(Object sender, EventArgs e)
at System.Web.UI.WebControls.LinkButton.OnClick(EventArgs e)
at System.Web.UI.WebControls.LinkButton.RaisePostBackEvent(String eventArgument)
at System.Web.UI.WebControls.LinkButton.System.Web.UI.IPostBackEventHandler.RaisePostBackEvent(String eventArgument)
at System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler sourceControl, String eventArgument)
at System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)

I found that a previous lockdown server in turn caused SmarterMail to fail to login whether using the Built in Web service or a site through IIS. The correction was listed here:
http://support.microsoft.com/kb/2550971

SOLUTIONS:

  • Change the configuration in the application-level Web.config file. Specify that ASP.NET use the Triple Data Encryption Standard (3DES) algorithm to process view state data
  • Disable FIPS compliant algorithms for encryption, and restart the SmarterMail Service.
  • Upgrade to SmarterMail 14

 

To “change the configuration in the application-level Web.config file. Specify that ASP.NET use the Triple Data Encryption Standard (3DES) algorithm to process view state data”: https://support.microsoft.com/en-us/kb/911722

  1. In a text editor such as Notepad, open the application-level Web.config file.
  2. In the Web.config file, locate the <system.web> section.
  3. Add the following <machineKey> section to in the <system.web> section:
  4. Save the Web.config file.
  5. Restart the Microsoft Internet Information Services (IIS) service. To do this, run the following command at a command prompt:
    iisreset

 

“#1 On Windows Server 2008 and in Windows Vista set the registry value for HKLM\System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy\Enabled to 0.
On Windows Server 2003 and in Windows XP set the registry value for HKLM\System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy to 0.
You will need to restart the machine for this setting to take effect.

#2 Launch Local Security Policy from Control Panel->Administrative Tools. Expand Security Settings->Local Policies->Security Options. Open the security policy “System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing” and select the Disabled option. Retstart the machine.”

Filed under: Code or Hosting | Comment (0)

Setting up SmarterMail 8 as a site in IIS7 as apposed to a Service command line

Posted by Rose Bush on January 30th, 2013

Setting up SmarterMail 8 as a site in IIS7 as apposed to a Service is rather straight forward.  SmarterTools has this article here:

http://portal.smartertools.com/KB/a1485/set-up-smartermail-as-a-site-in-iis-70.aspx

I decided to go once step further and make this scripted:

 

32bit:

And 64bit:

On a side note, in certain cases, I had to change the application pool back to Classic Mode.  IDK why, if you figure it out, pls tell me!

Ok, as of last I think I fount the inconsistency.  The application pool is not getting updated to run as NetworkService, alternative command to give us desired result:

 

Filed under: Code or Hosting | Comments (2)

Copyright © 2026 Edventures in Normalcy. All rights reserved.