ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Not getting the login page for WAMUI, after upgrading the WAMUI from R12.5 to R12.51. Already have the WAMUI configured for External Authentication.

book

Article ID: 20092

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

Description:

As WAMUI is working over SSL which using is by default self signed certificate, and external Authentication using a different certicate which give the above errors, and due to which WAMUI does not starts properly and gives error.

Solution:

WAMUI Logs:

=========================

2013-07-31 22:11:54,801 WARN [com.ca.commons.security.ssl.CustomDefaultStoreSSLSocketFactory] (main) initCAKeyStore: No trusted CA(s) found in default trust store. If -Djavax.net.ssl.trustStore is used to specify an alternative default trust store then check that it is valid, and trustStorePassword/trustStoreType are also specified and valid.

2013-07-31 22:11:54,875 ERROR [ims.llsdk.directory.jndi] (main) simple bind failed: ldap.server.com:636

2013-07-31 22:11:54,894 ERROR [ims.llsdk.directory.jndi] (main) Failed to connect to LDAP directory ldap://ldap.server.com:636

ldap://ldap.server.com:636 Reason: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty

2013-07-31 22:11:54,901 WARN [ims.tmt.EnvironmentService] (main) * Failed to start environment: SiteMinder

2013-07-31 22:11:54,901 WARN [ims.default] (main) ** FIPS mode enabled :false

=========================

Cause of the issue:

As WAMUI is working over SSL which using is by default self signed certificate, and external Authentication using a different certicate which give the above errors, and due to which WAMUI does not starts properly and gives error.

Solution:

Add the External Authentication certificates in trustedkeystore.jks path, using keytool (avialable in java)using below commands may help:

keytool -import -trustcacerts -alias <certificate alias> -keystore "c:/Program Files (x86)/CA/siteminder/adminui/server\default/conf/trustStore.jks" -file <location of certificate>"

Restart the WAMUI services. This will resolve the issue.

Environment

Release:
Component: SMAUI