Excel add-in Web Service Error

Feedback / Issues and Bug Report / Bugs or Issues

All rounder
apermag
updated 5 days ago
10replies

Hello

I've got to install Excel plugin on my laptop, but I'm unable to make it work. The issue I'm having is the following:

Configuration of settings: port 55321, HTTPS, Default timezone and authentication with API token (I've tried also without it).

Views is configured to use 55321 as the gRPC API (as default). The only difference compared to default installation is that the certificate for Views is one created by a CA.

Any ideas?

Thanks

Excel Add-in

- Real-Time Manager at CSE ICON
- damon_vinciguerra.1
- 6 days ago
- Reported - view
This guy shows up about 80% of enterprises that I've seen. This is from an internal troubleshooting guide we have:

Root Cause:

The .NET Framework used by the add-in is not enforcing strong cryptographic protocols (e.g., TLS 1.2), which are required by the backend service.

Solution:

Update the registry to enable strong cryptography support in the .NET Framework:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]

"SchUseStrongCrypto"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319]

"SchUseStrongCrypto"=dword:00000001

Additional Notes:

After applying these changes, restart the system or at minimum restart Excel to apply the new settings.
- All rounder
- apermag
- 6 days ago
- Reported - view
Thanks for the info! Does the Excel add-in require a specific .NET Framework installed? Or is it just about those registry entries being setup?
- Real-Time Manager at CSE ICON
  
  damon_vinciguerra.1
  
  6 days ago
  
  Reported - view
  https://helpcenter.canarylabs.com/t/q6yfyzs/minimum-hardware-specs-for-the-canary-system-version-25 says you just need .NET Framework 4.7.1. I've yet to come across a laptop that didn't have that! Usually it's just adding the registry keys.
- All rounder
  
  apermag
  
  6 days ago
  
  Reported - view
  Correct, but the way it's described it's not necessarily clear it's including client PC's with Excel add-in. May be worth to expand that in the documentation.
  
  The registry name (v4.0.xxxxx) was a bit misleading, it's not representing the .net framework installed on the laptop (I have 4.8.xxxx).
- All rounder
- apermag
- 6 days ago
- Reported - view
BTW, forgot to confirm this worked (thanks a lot, looks like I'm not going through unknown challenges!!), however I'm concerned that we cannot do this in every user laptop that requires to use this setting. Wondering what Canary team would say about this.
- Real-Time Manager at CSE ICON
  
  damon_vinciguerra.1
  
  6 days ago
  
  Reported - view
  Historically this is something an IT group would push out via a domain GPO. Do you think your company has that capability?
  
  It's mostly outside of Canary's hands as far as I know. The way I read the error - laptops by default aren't configured with the more secure option.
- All rounder
  
  apermag
  
  6 days ago
  
  Reported - view
  it's not about company's capability (which we have), it's the fact that we would need to bring this to them and discuss it (the process) Agree with you that it's supposed to be a more secured way to work with, but if you wouldn't answer this post, how do we know how to deal with this issue? It would be great if Canary documents this somehow as part of the Excel add-in documentation, as although it works, there is no official record of this being the official solution by product manufacturer (at least, not a published official record that I was able to find).
- Real-Time Manager at CSE ICON
  
  damon_vinciguerra.1
  
  6 days ago
  
  Reported - view
  ! We need you.
- smason
- 5 days ago
- Reported - view
Hi ,

We don't have official documentation on this yet, but that is the recommended solution. You can read Microsoft's documentation concerning the SchUseStrongCrypto registry setting here: Transport Layer Security (TLS) best practices with .NET Framework | Microsoft Learn
- All rounder
  
  apermag
  
  yesterday
  
  Reported - view
  Thank you!