search cancel

SMSDK smtest is not able to connect to Policy Server

book

Article ID: 255092

calendar_today

Updated On:

Products

SITEMINDER CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign-On

Issue/Introduction

Policy Server: 12.8.7 (Linux)
Access Gateway: 12.8.5 (Windows)

To stress test the policy servers, SMSDK 12.8.7 was installed on the Access Gateway machine.

When trying to register a new trusted host using the smreghost.bat there is an error "Could not get function dispatch table for CAPKI library"
When trying to connect to Policy Server following error is displayed.

"Cannot obtain host configuration information using specified SmHost.conf file"

 

smps.log shows handshake error.

[6228/5244][Mon Nov 28 2022 15:04:36.780][CServer.cpp:2135][ERROR][sm-Tunnel-00010] Bad security handshake attempt. Handshake error: 3154
[6228/5244][Mon Nov 28 2022 15:04:36.780][CServer.cpp:2146][ERROR][sm-Tunnel-00050] Handshake error: Shared secret incorrect for this client
[6228/5244][Mon Nov 28 2022 15:04:36.780][CServer.cpp:2307][ERROR][sm-Server-01070] Failed handshake with 192.168.0.1:12345

Environment

Release : 12.8.05

Cause

This is due to CAPKI compatibility issue.

 

Resolution

If installing the SMSDK on a Windows machine that already has Access Gateway 12.8.5 then same version of SMSDK should be installed in order to avoid the compatibility issue.

Avoid installing different version of SiteMinder products on the same Windows machine.

Attachments