Advanced Authentication Webfort fail over does not work when SSL enabled
search cancel

Advanced Authentication Webfort fail over does not work when SSL enabled

book

Article ID: 192937

calendar_today

Updated On:

Products

CA Advanced Authentication - Strong Authentication (AuthMinder / WebFort) CA Strong Authentication CA Risk Authentication CA Advanced Authentication

Issue/Introduction

When Advanced Authentication is configured (via arcotafm.properties) for SDK fail over to say from host.1 to from host.1. In this case these 3 sets of 2 parameters (6 parameters in total) required otherwise the fail over will not succeed.

########### Set 1 - Host and Port for Host 1 and Host 2    ############################

WebFortauthentication.host.1=<IP address or hostname of the Host 1>

WebFortauthentication.port.1=9742

WebFortauthentication.host.2=<IP address or hostname of the Host 2>

WebFortauthentication.port.2=9742

########### Set 2 - Protocol specification (SSL/TCP) for Host 1 and Host 2   #############

WebFortauthentication.transport.1=SSL

WebFortauthentication.transport.2=SSL

########### Set 3 - if SSL protocol ##############################################

WebFortauthentication.serverCACertPEMPath.1=<PATH TO SSL CERT>

WebFortauthentication.serverCACertPEMPath.2=<PATH TO SSL CERT>

If any of these required parameters are missing then you will get SDK related errors like such

2020-06-11 14:38:17,726 [WebContainer : 0] ERROR integrations.frontend.InitializeWebFortAPIServlet(186) [] -> 707031140: Webfort SDK encountered internal error.

2020-06-11 14:38:17,726 [WebContainer : 0] ERROR integrations.frontend.InitializeWebFortAPIServlet(186) [] -> 707031140: Webfort SDK encountered internal error.

 

 

Environment

Release : 9.1

Component : AuthMinder(Arcot WebFort)

Cause

Missing fail over related parameters in arcotafm.properties.

Resolution

Examine the arcotafm.log (in Debug mode) where the missing parameter will be called out. In the screen shot below the missing path to the SSL certificate is called out in the arcotafm.log.