Debugging Kofax Web Capture Service Installation
Verify the Service is Running
Certificate Error
Success (No Error)
Run the Debug Script
The debug script below will help determine which component of the Web Capture Service is not available. Once the component is identified, perform an investigation into what is blocking or removing it. Commonly this is antivirus solutions, application control (e.g. airlock), group policy and centralised certificate management.
Open command prompt as an administrator.
Run the script below. For ease of use, copy and paste the script into a .cmd file and run it. - cd /d %~dp0
- set log=WebCaptureInstallDetails.txt
- echo Web Capture Install Details > %log%
- echo. >> %log%
- echo. >> %log%
- echo Server Cert >> %log%
- echo. >> %log%
- certutil -store "MY" Kofax.WebCapture.Localhost 1>> %log% 2>>&1
- echo. >> %log%
- echo. >> %log%
- echo CA Cert >> %log%
- echo. >> %log%
- certutil -store "Root" "Kofax Web Capture Service" 1>> %log% 2>>&1
- echo. >> %log%
- echo. >> %log%
- echo URL ACL >> %log%
- echo. >> %log%
- netsh http show urlacl 1>> %log% 2>>&1
- echo. >> %log%
- echo. >> %log%
- echo SSL Cert Binding >> %log%
- echo. >> %log%
- netsh http show sslcert 1>> %log% 2>>&1
Review Script Results
Running the script will create a file called
WebCaptureInstallDetails.txt. Open the file and review the contents. It has 4
sections as follows.
Server Cert
If you see the text in the installed section below,
then the server certificate is installed correctly.
If you see the text in the not installed section
below, then the server certificate are not installed correctly.
Installed
- MY "Personal"
- ================ Certificate 1 ================
- Serial Number: 1000
- Issuer: CN=Kofax Web Capture Service, OU=Atalasoft, O=Kofax, L=Irvine, S=California, C=US
- NotBefore: 1/11/2022 12:52 AM
- NotAfter: 2/11/2052 12:52 AM
- Subject: CN=127.0.0.1, OU=Atalasoft, O=Kofax, S=California, C=US
- Non-root Certificate
- Cert Hash(sha1): 84f9a25dfcc64ab15f7cdc96e85aa579fdf790a3
- Key Container = Kofax.WebCapture.Localhost
Unique container name: 9b4d0c1ab0a6ecd901671939473da25c_a27e20d6-365c-4049-991f-34f2a284a869 - Provider = Microsoft Enhanced Cryptographic Provider v1.0
- Private key is NOT exportable
- Encryption test passed
- CertUtil: -store command completed successfully.
Not Installed
- MY "Personal"
- CertUtil: -store command FAILED: 0x80090011 (-2146893807 NTE_NOT_FOUND)
- CertUtil: Object was not found.
CA Cert
If you see the text in the installed section below,
then the CA certificate is installed correctly.
If you see the text in the not installed section
below, then the CA certificate are not installed correctly.
Installed
- Root "Trusted Root Certification Authorities"
- ================ Certificate 4 ================
- Serial Number: 9e3478ffcab3bba9
- Issuer: CN=Kofax Web Capture Service, OU=Atalasoft, O=Kofax, L=Irvine, S=California, C=US
- NotBefore: 1/11/2022 12:49 AM
- NotAfter: 2/11/2052 12:49 AM
- Subject: CN=Kofax Web Capture Service, OU=Atalasoft, O=Kofax, L=Irvine, S=California, C=US
- Signature matches Public Key
- Root Certificate: Subject matches Issuer
- Cert Hash(sha1): 9a8df5d00728ec451a0eed52f6fea373bd4f2bd5
- No key provider information
- Cannot find the certificate and private key for decryption.
- CertUtil: -store command completed successfully.
Not Installed
- Root "Trusted Root Certification Authorities"
- CertUtil: -store command FAILED: 0x80090011 (-2146893807 NTE_NOT_FOUND)
- CertUtil: Object was not found.
URL ACL
The following two entries must exist.
SSL Cert Binding
The following entry must exist.
- IP:port : 0.0.0.0:23024
- Certificate Hash : 84f9a25dfcc64ab15f7cdc96e85aa579fdf790a3
- Application ID : {44140043-5cd0-460e-bf47-c77ca5da537d}
- Certificate Store Name : (null)
- Verify Client Certificate Revocation : Enabled
- Verify Revocation Using Cached Client Certificate Only : Disabled
- Usage Check : Enabled
- Revocation Freshness Time : 0
- URL Retrieval Timeout : 0
- Ctl Identifier : (null)
- Ctl Store Name : (null)
- DS Mapper Usage : Disabled
- Negotiate Client Certificate : Disabled
- Reject Connections : Disabled
- Disable HTTP2 : Not Set
- Disable QUIC : Not Set
- Disable TLS1.2 : Not Set
- Disable TLS1.3 : Not Set
- Disable OCSP Stapling : Not Set
- Enable Token Binding : Not Set
- Log Extended Events : Not Set
- Disable Legacy TLS Versions : Not Set
- Enable Session Ticket : Not Set
- Disable Session ID : Not Set
- Extended Properties:
- PropertyId : 0
- Receive Window : 1048576
- Extended Properties:
- PropertyId : 1
- Max Settings Per Frame : 2796202
- Max Settings Per Minute : 4294967295
- Extended Properties:
- PropertyId : 2
- Extended Properties:
- PropertyId : 3
- Extended Properties:
- PropertyId : 4
- Extended Properties:
- PropertyId : 5
Related Articles
Working in My Area and Managing Tickets
Please refer to this article that is kept up to date our Service Desk vendor: https://help.zoho.com/portal/en/kb/desk/for-end-users/help-center/articles/working-with-my-area-in-help-center#Accessing_My_Area
PAG Support Portal Overview
Signing Up You must sign up in order to do any of the following on the support portal: View your tickets View your colleagues' tickets Submit a new ticket There are 2 ways to sign up. Select the one appropriate to you. Single Sign On with Office 365 ...