RSA Server was upgraded to 8.4 and RSA Authentication fails. aceclnt.log reports "[E] error SignatureVerifier.cpp 249 The certificate verification failed"
Release : 3.2
Component : PRIVILEGED ACCESS MANAGEMENT
There are 2 known issues relating to this error.
1. RSA Server having wrong certificate (not having the ROOT CA Certificate but instead having a Server Certificate, or having wrong certificate completely)
2. RSA Root CA Certificate being SHA1 (Follow the steps outlined in the following KB to migrate to SHA2)
According to RSA support, SHA1 certificates would be migrated to SHA2 certificates when upgrading to RSA 8.2
If for some reason the certificates remain as SHA1 then the signature verification would fail.
Resolve the RSA Certificate issue following the KB (https://community.rsa.com/docs/DOC-76797)
Then generate a new sdconf.rec from RSA and upload it to PAM Server.
Click "Clear NodeSecret" button on PAM GUI so the new sdconf.rec will be deployed.