Error "Exception has been thrown by the target of an invocation" installing the Service Management Automation Web Service

Applies to: Microsoft System Center 2012 R2 OrchestratorMicrosoft System Center 2012 OrchestratorMicrosoft System Center 2012 Orchestrator Service Pack 1

Symptoms


When you try to perform the Generate Tenant Key action of installing the Service Management Automation Web Service feature in System Center 2012 R2 Orchestrator, an exception of type System.Reflection.TargetInvocationException with the error message "Exception has been thrown by the target of an invocation" is returned.

The installation log shows an inner exception of type System.InvalidOperationException with the This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms. error message.
Calling custom action WebServiceCustomActions!WebServiceCustomActions.CustomActions.GenerateTenantKey
WebServiceCustomActions: Generate Tenant Key
Exception thrown by custom action:
System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> System.InvalidOperationException: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.
at System.Security.Cryptography.RijndaelManaged..ctor()
--- End of inner exception stack trace ---
at System.RuntimeMethodHandle.InvokeMethod(Object target, Object arguments, Signature sig, Boolean constructor)
at System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object parameters, CultureInfo culture)
at System.Security.Cryptography.CryptoConfig.CreateFromName(String name, Object args)
at System.Security.Cryptography.SymmetricAlgorithm.Create(String algName)
at WebServiceCustomActions.CustomActions.GenerateKey(Session session, String connectionString)
at WebServiceCustomActions.CustomActions.GenerateTenantKey(Session session)
--- End of inner exception stack trace ---
at System.RuntimeMethodHandle.InvokeMethod(Object target, Object arguments, Signature sig, Boolean constructor)
at System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(Object obj, Object parameters, Object arguments)
at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object parameters, CultureInfo culture)
at Microsoft.Deployment.WindowsInstaller.CustomActionProxy.InvokeCustomAction(Int32 sessionHandle, String entryPoint, IntPtr remotingDelegatePtr)
CustomAction GenerateTenantKey returned actual error code 1603 (note this may not be 100% accurate if translation happened inside sandbox)

Cause


This issue occurs because the encryption algorithm that is used by Service Management Automation in Orchestrator 2012 is not Federal Information Processing Standards (FIPS) compliant. However, the Windows security option "System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing" is enabled in group policy and require the usage of FIPS compliant encryption algorithms.

Resolution


To resolve the issue, disable the Windows security option "System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing", and then restart the installation.

More Information


For more information about the Windows security option "System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing", go to the following web site: