Unable to import / manage certificates

book

Article ID: 140548

calendar_today

Updated On:

Products

CA Single Sign On Federation (SiteMinder) SITEMINDER

Issue/Introduction

When attempting to import a certificate, we're presented with the following error through the adminu UI:

 

 

 

Error:
System exception trying to load keystore entries. For input string: "MIIv
EBQKXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX2zuNdHM1ksx"
 
 
 
 
 
 

 

 

Cause

An unknown problem was caused by the way the certificate in question was imported.  Since the certificate was imported via a custom script using the API, no validation was performed on the imported data.

Environment

Release : 12.7x, 12.8x

Component : SITEMINDER -POLICY SERVER

Resolution

We used XPSExplorer to identify and delete the the certificate associated with the error message, after which the UI displayed/managed certs as expected.

Additional Information

The Policy Server's smkeytool command can be used as an additional troubleshooting aid when there are problems with the CDS.  Use the following syntax:

smkeytool -ListCerts