In SiteMinder and Strong Authentication integration, Adapter Shim which resides in the Policy Server Creates/Reads/Updates the tokens using State Manager functions via SSL communication (if https is enabled) from Adapter Shim component.
How can we resolve the error 'Unable to create token' displayed by shimerror.fcc after updating SSL certificates in the environment?
Symantec Siteminder 12.8
Symantec Strong Authentication 9.1.x
Symantec Adapter 9.1.x
Follow these steps to resolve the SSL communication issue between Adapter Shim and State Manager:
1. Ensure to import the required certificates into <JAVA_HOME>\jre\lib\security\cacerts where the Application server has deployed the CA Statemanager
2. Ensure that the parameter RequireSecureConnection in arcotsm.properties file (in ARCOT_HOME\conf\afm) is set to True as shown below:
RequireSecureConnection=true
3. Ensure that the parameter ArcotSMBaseURL in adaptershim.ini file (on the Siteminder Policy Server location - <ARCOT_HOME>\conf) is set for HTTPS access as shown below:
ArcotSMBaseURL=https://Hosname:Port/arcotsm/servlet
4. Ensure that these certs are provided as shown below. ARCOT_HOME variable points to the install location on your system.
ArcotSMTrustedRootPEM=ARCOT_HOME/adapterSiteMinder/certs/rootcacert.pem
ArcotSMClientSSLCert=ARCOT_HOME/adapterSiteMinder/certs/tsclientcert.pem
ArcotSMClientPrivateKey=ARCOT_HOME/adapterSiteMinder/certs/tsclientkey.pem
None