SharePoint 2013工作流程：无法让它们再次工作

Question

我目前收到错误“无效的jwt令牌。尝试启动新的SP2013工作流实例时无法解析发行者令牌”（401错误）。

我已经删除了WF农场并重新创建它（并以SP重新注册）。我可以使用SharePoint Designer创建和发布工作流。启动它开始的新实例时，但随后失败。在Fiddler中，我可以通过所述错误消息看到很多401错误。 浏览到localhost：12291我得到一个403 - 当作为管理员执行浏览器时，我可以访问工作流服务服务的XML。 用户配置文件服务正在运行，并没有问题同步。我已经跑了多个完整的同步。

我在事件日志中找不到任何错误消息，ULS日志中的none。调试表只能说明：“HTTP请求的尝试2” http://sp.dev/sites/test/_vti_bin/client.svc/web/lists/getbyid（guid '2f523828-6687-43f1-a5b7-af144fea8739'）'将在00:00:06。“ - 所有401错误。

如何重置我的系统？如何进行进一步测试？

Answer 1

I have just had the same issue in my environment. In my case I have HTTP enabled on the workflow farm. During re-install the workflow farms HTTP endpoint disappeared (you can run the Get-WFFarm PowerShell command and check the Endpoints there).

So the solution in my case was to properly configure the HTTPS endpoint and than re-register the workflow farm with SharePoint. The snippet below assumes that you have exported the SSL certificate from the workflow manager IIS web site to c:\wfm.cer.

$cert = Get-PfxCertificate "c:\wfm.cer" 
New-SPTrustedRootAuthority -Name "Workflow Manager Farm" -Certificate $cert
Register-SPWorkflowService -SPSite "http://dev.sharepoint.com" -WorkflowHostUri "https://devmachine.devdomain.local:12290" -Force

I order to get debugging for this issue configured in the ULS log you can modify the Diagnostic logging settings in Central Administration. Set the following in SharePoint Foundation category to Verbose: App Auth, Application Authentication, Authentication Authorization, Claims Authentication, CSOM.

Answer 2

This issue can sometimes (every time in my experience) be addressed by running the "Refresh Trusted Security Token Services Metadata feed" -- just look under "Timer Jobs" under "Monitoring" in Central Administration.

This is one of those timer jobs which runs infrequently (in this case once per day, usually at midnight), so unless you kick it off explicitly it can be a mystery when things that don't run one day run the next.