AudioVideoPlaybackBot not joining meeting - Server Internal Error. DiagCode: 500#3002.@

Copper Contributor

Hello everyone!

I opened an issue in GitHub but did not get responses so I'm reposting it here.

I'm having problems executing AudioVideoPlaybackBot from my computer using ngrok. I'm trying this approach since the Cloud Service deployment instructions in the bot seem to be deprecated.

I've followed the instructions described here: https://github.com/microsoftgraph/microsoft-graph-comms-samples/tree/master/Samples/V1.0Samples/Loca...

I've created an Azure Bot + Application Registration. I've created a secret and I've uploaded my certificate chain to the app registration. It's a valid GoDaddy wildcard for *.biometricvox.com. I've given all the neccessary permissions to the app registration.

I've ran the configure_cloud.ps1 script with my bot name, appId, secret and certificate thumbprint. The certificate chain is installed in my computer.

I've got a Pro ngrok subscription and the neccessary CNAME records pointing from my domain to ngrok. The address bot.biometricvox.com is pointing to ngrok, and 0.bot.ngrok.com is pointing to 0.tcp.ngrok.io, as seen in the documentation: https://learn.microsoft.com/en-us/microsoftteams/platform/bots/calls-and-meetings/debugging-local-te...

I'm changing the public ngrok port in the code everytime I ran ngrok.

I've ran several SSL Checks from different CA websites to analyze the validity of the certificate, through the ngrok tunnel, and they all passed.

I think I have everything right, but when telling the bot to join a meeting I get the message Server Internal Error. DiagCode: 500#3002.@ from Microsoft Graph, as can be seen in the log file I'm attaching: logs.txt

The communication between the bot and Microsoft Graph API seems to be OK, but at some point Graph sends this 500 Internal Server Error and changes the cll state from Establishing to Terminated. I can't find documentation about error code 500 / subcode 3002.

I've seen some other threads with the same issue, but none of them seem to have a valid solution:
https://learn.microsoft.com/en-us/answers/questions/1658031/calling-teams-bot-call-goes-from-establi...
MicrosoftDocs/msteams-docs#9170
#664
https://techcommunity.microsoft.com/t5/teams-developer/ms-teams-recording-bot-fails-with-internal-se...
https://techcommunity.microsoft.com/t5/teams-developer/ms-teams-calling-bot-fails-with-internal-serv...

Any help would be appreciated.

Thank you very much!

6 Replies

@rubenrubio - Thanks for reporting your issue. The error may be related to server-side issues such as problems with the server configuration or unexpected conditions that the server cannot handle 

1. Ensure that your ngrok tunnel is correctly configured to handle TCP traffic for the AudioVideoPlaybackBot. Since the bot requires TCP tunnels for calls and online meetings, you need to set up ngrok to support TCP tunnels. 

2. Since you are using a wildcard SSL certificate for *.biometricvox.com, ensure that the certificate is correctly installed on your machine and matches the ngrok tunnel's public URL. The SSL certificate must be valid and match the bot's public URL to establish secure communication.

3. Verify that the messaging endpoint URL in your bot registration is correctly set to https://bot.biometricvox.com/api/messages. This endpoint should match the ngrok tunnel's URL where your bot is hosted. Ensure that the bot registration settings are configured correctly for multi-tenant access.

4. The error code 500 with subcode 3002 indicates an internal server error during the call establishment process. This could be due to issues with the bot's communication with Microsoft Graph API. Ensure that the bot has the necessary permissions and configurations to interact with Microsoft Graph API for calls and meetings.

 

Hello, @Nivedipa-MSFT. Thank you for your response and sorry for my delay.

 

I've checked all the items, but I get the same error. Here are my notes:

 

1.- My ngrok config file seems OK:

authtoken: AUTH_TOKEN
tunnels:
    signaling:
        addr: 9442
        proto: tls
        hostname: bot.biometricvox.com
        key: C:\path\to\certificate\private.key
        crt: C:\path\to\certificate\public.crt
    media:
        addr: 8445
        proto: tcp

Ngrok tunnels all communications from bot.biometricvox to my private port 9442, where AudioVideoPlaybackBot responds. The logs suggest that there is signaling communication between my bot and the public Microsoft Graph infraestructure, since I am getting the 500 server error from Microsoft Graph to my webhook https://bot.biometricvox.com/api/calling

 

When I launch ngrok I get this output:

 

ngrok by @@inconshreveable (Ctrl+C to quit) Session

Status online

Account XXX XXX (Plan: Pro)

Version 2.3.41

Region United States (us)

Web Interface http://127.0.0.1:4040

Forwarding tcp://0.tcp.ngrok.io:19853 -> localhost:8445

Forwarding tls://bot.biometricvox.com -> localhost:9442

 

I've got CNAME DNS registries from bot.biometricvox.com to our ngrok domain, and from 0.bot.biometricvox.com to 0.tcp.ngrok.io. I have put 19853 as my public port in AzureConfiguration.cs file, and 0.bot.biometricvox.com as public FQDN for media.

 

2.- The wildcard is installed in the machine, and matches the certificate used in ngrok configuration file. If I modify the thumbprint in the AudioVideoPlaybackBot source code I get an exception, so it suggest it's working.

 

3.- The endpoint of the bot channel MS Teams registration webhook is https://bot.biometricvox.com/api/calling, since AudioVideoPlaybackBot does not appear to have any endpoint like /api/messages. Changing the bot registration to /api/messages did not change the 500#3002 error.

 

4.- I gave all Calls.* permissions to the bot, and the tenant administrator accepted them in our tenant.

 

Once again, thank you very much for your time. I'm struggling a little bit to get the samle bot working since there is so much configuration to do, and the error message is not very descriptive 🙂

@rubenrubio - Could you please share your repro video to investigate further?
@rubenrubio - Could you please share your repro video to investigate further?
I finally figured it out.
I was using a wildcard certificate *.biometricvox.com. This certificate is only valid for direct subdomains, such as bot.biometricvox.com, but not for sub-subdomains like 0.bot.biometricvox.com. I was using bot.biometricvox.com for signaling (which worked) and 0.bot.biometricvox.com for media (CNAME to 0.tcp.ngrok.io).
As soon I used a simple subdomain for media, like 0bot.biometricvox.com, it started working.
Thank you very much for your time and interest and sorry for the delay in my answers.