Policy Server :: Google Authentication : An error response was sent from the Authorization Server. Error: invalid_grant

Document ID : KB000091688
Last Modified Date : 16/04/2018
Show Technical Document Details
Issue:
We run Policy Server configured to login with Google, then the login
process fails and returns error :

[Cookies:{}] [Message: { "error" : "invalid_grant", 
"error_description" : "Code was already redeemed." }]] 

How can we solve that ?
Cause:
You may experience this issue because the certificates on the CA
Single Sign-On side are not update.
 
Resolution:
1) In a command console where you have openssl installed, run the
   below command to get this new root certificate

   openssl s_client -connect www.googleapis.com:443 -showcerts 
 
   Save the Root certificate for "CN=Google Internet Authority G3, O=Google Trust Services, C=US" 

2) Import this root certificate in AdminUI as CA Authorities. 

This will solve the issue.