SecureRedirect webapp error


Article ID: 97690


Updated On:


CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On


We're running CA Access Gateway (SPS), when user access a resource
protected with Openid Connect, at the first request the user is
redirected, as explained in the documentation, to the authentication
page that protects / Affwebservices / secure / secureRedirect. But
after entering the authentication data, he receives an error.


   set resource path used to display error messages; Likely caused by 
   uninitialized NETE_WA_ROOT environment variable] 

   using secure authentication URL.] 

   with ID: 610c7b97-d9ab1f07-19230f43-76119b33-7e7a2c6e-0c 
   failed. Reason: SERE_GET_EXCEPTION] 

   caught in class 
   com.netegrity.affiliateminder.webservices.SecureRedirect, method 
   doGet: com.netegrity.siteminder.agentcommon.utils.k: Failed to 

How can we solve that ?


Policy server 12.8 on Windows 2016 R2; 
SPS (Access Gateway) 12.8 on Windows 2016 R2; 


- Make sure that the CA Access Gateway (SPS) JDK has the JCE patches

  Install CA Access Gateway 

- Make sure that "Use Secure Authentication URL" is checked :

  According to that communities, the authentication url should be secure : 

  CA SSO OpenID Connect Provider - Agentless SSO 

  using secure authentication URL. 

  above line seems to be the root cause. I believe its needed to 
  enable the option to have secure auth url for OIDC implementation, 
  thereby the decryption failure" 

  Check also : 

  OpenID Connect Provider with CA Single Sign On 12.8- PoC 

- Make sure that the Environment variable NETE_WA_ROOT is set properly 
  before starting the CA Access Gateway (SPS);