IWA Authentication Scheme returns refused to connect error

Article Id: 76800

Status: Published

Updated On: 09-04-2018 03:21

Products:

CA Single Sign On Secure Proxy Server (SiteMinder) , AXIOMATICS POLICY SERVER , CA Single Sign On SOA Security Manager (SiteMinder) , CA Single Sign-On , CA Single Sign-On

Issue/Introduction:

I'm running a Web Agent on IIS, when I try to reach the IWA Authentication
Scheme, I get the following error in the browser :

This site can’t be reached mymachine.mydomain.com refused to
connect. Try: Checking the connection Checking the proxy and the
firewall

The URL I'm trying to reach is

https://mymachine.mydomain.com/siteminderagent/ntlm/creds.ntc?CHALLENGE=&SMAGENTNAME=myagent&TARGET=-SM-https%3A%2F%2Fmymachine.mydomain.com%2Ftest

When I try this URL

http://mymachine.mydomain.com/siteminderagent/forms/login.fcc

then I get the page. How can I fix this ?

Cause:

You get this issue because IIS isn't configure to handle SSL connection.

Environment:

Release: ESPSTM99000-12.51-Single Sign On-Extended Support Plus
Component:

Resolution:

To solve this issue, configure IIS to handle SSL connection. Here's a sample of such configuration for IIS7.

How to Set Up SSL on IIS 7
https://docs.microsoft.com/en-us/iis/manage/configuring-security/how-to-set-up-ssl-on-iis