Smart Card authentication to the Endpoint Protection Manager console fails with certificate validation error
Article ID: 174663
Updated On:
Products
Issue/Introduction
When attempting to login to the Endpoint Protection Manager (SEPM) console or remote console, the login fails with the following error:
"An error occurred while validating the certificate for your login request. Please try logging-in again and if the error persists, please contact the administrator."
scm-ui-2019-05-07-11-24-11-011.err
May 7, 2019 11:33:42 AM STDERR: com.sygate.scm.console.util.ConsoleException: An error occurred while validating the certificate for your login request. Please try logging-in again and if the error persists, please contact the administrator. [0x14010000]
May 7, 2019 11:33:42 AM STDERR: at com.sygate.scm.console.ui.LoginPanel.login(LoginPanel.java:1105)
May 7, 2019 11:33:42 AM STDERR: at com.sygate.scm.console.ui.LoginPanel$7$1.construct(LoginPanel.java:718)
May 7, 2019 11:33:42 AM STDERR: at com.sygate.scm.util.SwingWorker$2.run(SwingWorker.java:153)
May 7, 2019 11:33:42 AM STDERR: at java.lang.Thread.run(Unknown Source)
Cause
This error occurs when the certificate path for the user's smart card certificate cannot be validated.
Resolution
Ensure that the certificates listed in smartcard.pem (\SEPM dir\apache\conf\ssl) have the correct path to the user's certificate. For example, if a user's certificate path is user.cer > intermediate1.cer > intermediate2.cer > root.cer, then smartcard.pem should only include the following certificates in base64 format:
smartcard.pem
-----BEGIN CERTIFICATE-----
intermediate1.cer base64 text
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
intermediate2.cer base64 text
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
root.cer base64 text
-----END CERTIFICATE-----
Feedback
