SPS Exception Noodle_GenericException - No trusted certificate found in CA Access Gateway (SPS)

search cancel

SPS Exception Noodle_GenericException - No trusted certificate found in CA Access Gateway (SPS)

book

Article ID: 403205

calendar_today

Updated On:

Products

SITEMINDER CA Single Sign On Secure Proxy Server (SiteMinder)

Issue/Introduction

Running CA Access Gateway (SPS), the browser receives the error:

https://host.example.com

Error Details
Request URI   :/
Error Type    : SPS Exception
Error Code    : Noodle_GenericException
Error Message : Indicates error at noodle stage. More detailed in SPS logs.

The CA Access Gateway (SPS) agent traces report the error at the same time:

  [ERROR] - javax.net.ssl.SSLHandshakeException: No trusted certificate found

Resolution

Go to the CA Access Gateway (SPS) machine, and from the SSL/bin folder, run the following OpenSSL command to get the backend service certificate:

# openssl s_client -connect ip_of_backend_server:port -crlf

Find the ip_of_backend_server:port from the proxyrules.xml file.
From the output of the above command, copy and paste the lines starting with

-----BEGIN CERTIFICATE-----

and ending with:

-----END CERTIFICATE-----

included, and paste it at the very end of

/opt/CA/secure-proxy/SSL/certs/ca-bundle.cert

like

-----BEGIN CERTIFICATE-----
MIIDaDCCAlACCQDNVsov/hjD5jANBgkqhkiG9w0BAQsFADBZMQswCQYDVQQGEwJO

[...omitted for brevity...]

eTHZeX50zN1ebU7I
-----END CERTIFICATE-----
Restart the CA Access Gateway (SPS) to solve the issue.

Feedback

thumb_up Yes

thumb_down No