Siteminder Secure Proxy Server logging Bad Certificate errors in server.log
search cancel

Siteminder Secure Proxy Server logging Bad Certificate errors in server.log

book

Article ID: 53312

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

Description:

An SSL certificate is install or updated on a back-end web server, and the SPS begins logging...

[Noodle.java][ERROR] Exception caught. Message is: proxy: com.rsa.ssl.AlertedException Bad certificate

in the server.log

Solution:

Please perform the following steps...

  1. Acquire root ca cert in PEM format (base64) for the CA that signed/created the Server Cert for back-end web server.

  2. Test the root ca certificate using a browser to validate the root ca certificate is listed in the browsers trusted ca's. The Browser should not throw any security warnings.

  3. After the root ca ertificate has been verified, the root ca certificate needs to be add to the cabundle file in the SPS. The root ca certificate in base64 PEM format should look something like...

    -----BEGIN CERTIFICATE-----
    MIICPTCCAaYCAQAwDQYJKoZIhvcNAQE
    klhOy A bunch of stuff MIICPTCC
    aYCAQAwDQYAaYCAJKoZIhvcNAQE....
    -----END CERTIFICATE-----

  4. After the root ca certificate has been added to the end of the cabundle file and the file has been saved, restart the SPS to load the newly added root ca certificate.

Environment

Release:
Component: SMSPS
Powered by Wolken Software