Importing certificate to SPkey store not working. This is the error message we see in arcotafm.log
2022-05-13 12:23:20,694 [https-openssl-apr-8443-exec-5] DEBUG saml.util.CredentialCreator(29) -> Loading key store file from the location : /samlcerts/SP.truststore
2022-05-13 12:23:20,694 [https-openssl-apr-8443-exec-5] DEBUG saml.util.ResourceLoader(26) -> Loaded resource /samlcerts/SP.truststore from local classpath
2022-05-13 12:23:20,694 [https-openssl-apr-8443-exec-5] ERROR saml.util.ArcotSAMLutil(110) -> Certificate could not be loaded from Service Provider trust store configured : Invalid keystore format
2022-05-13 12:23:20,710 [https-openssl-apr-8443-exec-5] ERROR integrations.frontend.LifeCycleStateData(704) -> 707024080: SAML Utility initialization failed.: java.lang.ExceptionInInitializerError (ProcessSAMLRequestTask) |665f69a6640587faec1a7f49c3c3651f97958fda
Release : 9.1
Component : CA Strong Authentication
CA Adapter
From the log file we observed the error "Invalid keystore format" and upon listing the contents of the TrusStore using Keytool command we noticed that the Keystore format was showing as PKCS12, It need to be "jks" format. The issue happened because AdoptOpenJDK version 17 was used to generate the Keystore and it defaulted to PKCS12.
Downgrading the Java version to 1.8 and recreating the Truststore resolved the certificate error issue.