I followed the documentation Complete SAML 2.0 Setup to create the SAML authentication method. When enabled I attempted to login to the Performance Console and received the error "Error Authenticating: SAML Authentication Failed" at the login screen. 

I found log file (default path) /opt/CA/PerformanceCenter/sso/logs/SSOService.log that showed an error "Error loading keystore: java.io.FileNotFoundException: (No such file or directory)".

However the keystore does exist and is readable by all users. It is also properly referenced in the saml.properties file.

All supported DX NetOps Performance Management releases

Performance Center caperfcenter_sso SSO service had not been restarted after saml.properties file configuration.

While the changes to enable SAML via the SsoConfig tool were made, without the service being restarted it had not yet read in the new values in the saml.properties file. It was still using the old values it read in from the default file configuration, which is empty values.

Restart the caperfcenter_sso service.

• To stop it run:
  • systemctl stop caperfcenter_sso
• To start it run:
  • systemctl start caperfcenter_sso