Symptoms

Microsoft 365 deployment script is successfully completed on the application endpoint according to the process Microsoft 365 Provider's Guide > The Cloud Solution Provider Scenario > Deploying the Microsoft 365 Application > Deploying the Microsoft 365 Application Endpoint > Installing the Microsoft 365 Application Endpoint: https://docs.cloudblue.com/cbc/services/microsoft365/20.1/content/Providers-Guide/Installing-Microsoft-365-Application-Endpoint.htm .


Task "Provisioning resource XXXXX of type 'office365app' " is failed with an error

'403 Forbidden' received from 'POST 
https://192.168.10.20:443/O365App/aps/office365app/1dbab85b-a311-4893-9db5-07f89e6c029e/upgrade?version=20.1-228':
 The application returned an error message with a non-parsable JSON.


The 403.16 error could be seen in IIS log on application endpoint (C:\inetpub\logs\LogFiles\W3SVC2):

2021-05-18 00:47:12 192.168.10.20 POST /Office365App/aps/office365app/0a365b26-b4b2-414b-92a6-b1bc77bfdd0d/?version=20.1-228 443 - 192.168.10.10 Apache-HttpClient/4.5.4+(Java/11.0.8) - 403 16 2148204809 0


Cause

A wrong SSL certificate from Management Node was used during the IIS Site/Application deployment.


Resolution

1. Make sure that correct certificate was obtained from the Operations Management Node according to the process: Microsoft 365 Provider's Guide > The Cloud Solution Provider Scenario > Deploying the Microsoft 365 Application > Deploying the Microsoft 365 Application Endpoint > Installing the Microsoft 365 Application Endpoint: https://docs.cloudblue.com/cbc/services/microsoft365/20.1/content/Providers-Guide/Installing-Microsoft-365-Application-Endpoint.htm

2. Remove the incorrectly created Site/Application from the IIS.

3. Remove two certificates from Trusted Root Certificates

   1) Self-signed certificate that was created during the Site configuration

   2) Management Node certificate

4. Remove folder for incorectly created Site from c:\inetpub\wwwroot

5. Uninstall incorectly created Microsoft 365 Application Instance from the Provider CP (Applications > Microsoft365 > Instance > Uninstall button> Force Uninstall button (in case Uninstall process is failed))

5. Re-create Microsoft 365 Application Endpoint Site

6. Re-cteate Microsoft 365 Application Instance

Internal