ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

An invalid domain [.<domain.tld>] was specified for this cookie


Article ID: 77040


Updated On:


CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On


Customer is integrating with Google reCaptcha. It fails with the following in the tomcat log:

2018-04-10 00:00:41,682::[http-nio-8081-exec-4] - ReCaptchaServlet: java.lang.IllegalArgumentException: An invalid domain [.<domain.tld>] was specified for this cookie 

How can this be resolved?


Release: ESPSTM99000-12.51-Single Sign On-Extended Support Plus


Set tomcat to use LegacyCookieProcessor (because Rfc6265CookieProcessor complies with RFC6265 which does not allow domains beginning with non-alphanumeric characters): 

1. Edit the Tomcat/conf/content.xml 

2. Add the statement in betweeen the <context> and </context> tags: 

<CookieProcessor className="org.apache.tomcat.util.http.LegacyCookieProcessor" /> 

3. Restart Tomcat.