Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-2411

ssoadm doesn't report proper error message for SSL certificate issues (old Sun OpenSSO bug 4768)

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Expired
    • Affects Version/s: 10.0.1
    • Fix Version/s: None
    • Component/s: CLI
    • Labels:
      None
    • Environment:
      OpenAM 10.0.1 is set up to require SSL and SSL client authentication under tomcat6
    • Rank:
      1|hznve7:

      Description

      See http://markmail.org/message/fa77fdgzoafzidmt

      ./script.sh
      [...]
      + ssoadm create-metadata-templ [...]

      Logging configuration class "com.sun.identity.log.s1is.LogConfigReader" failed
      com.sun.identity.security.AMSecurityPropertiesException: AdminTokenAction: FATAL ERROR: Cannot obtain Application SSO token.
      Check AMConfig.properties for the following properties
      com.sun.identity.agents.app.username
      com.iplanet.am.service.password
      Logging configuration class "com.sun.identity.log.s1is.LogConfigReader" failed
      com.sun.identity.security.AMSecurityPropertiesException: AdminTokenAction: FATAL ERROR: Cannot obtain Application SSO token.
      Check AMConfig.properties for the following properties
      com.sun.identity.agents.app.username
      com.iplanet.am.service.password
      AdminTokenAction: FATAL ERROR: Cannot obtain Application SSO token.
      Check AMConfig.properties for the following properties
      com.sun.identity.agents.app.username
      com.iplanet.am.service.password

      If I enable ssl debug via -Djavax.net.debug=ssl, I get:
      [spammy SSL debug]
      main, SEND TLSv1 ALERT: fatal, description = certificate_unknown
      main, WRITE: TLSv1 Alert, length = 2
      main, called closeSocket()
      main, handling exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
      main, called close()
      main, called closeInternal(true)
      AdminTokenAction: FATAL ERROR: Cannot obtain Application SSO token.
      Check AMConfig.properties for the following properties
      com.sun.identity.agents.app.username
      com.iplanet.am.service.password

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              roysjosh roysjosh
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: