Not getting the login page for WAMUI, after upgrading the WAMUI from R12.5 to R12.51. Already have the WAMUI configured for External Authentication.

Document ID : KB000020092
Last Modified Date : 14/02/2018
Show Technical Document Details

Description:

As WAMUI is working over SSL which using is by default self signed certificate, and external Authentication using a different certicate which give the above errors, and due to which WAMUI does not starts properly and gives error.

Solution:

WAMUI Logs:

=========================

2013-07-31 22:11:54,801 WARN [com.ca.commons.security.ssl.CustomDefaultStoreSSLSocketFactory] (main) initCAKeyStore: No trusted CA(s) found in default trust store. If -Djavax.net.ssl.trustStore is used to specify an alternative default trust store then check that it is valid, and trustStorePassword/trustStoreType are also specified and valid.

2013-07-31 22:11:54,875 ERROR [ims.llsdk.directory.jndi] (main) simple bind failed: ldap.server.com:636

2013-07-31 22:11:54,894 ERROR [ims.llsdk.directory.jndi] (main) Failed to connect to LDAP directory ldap://ldap.server.com:636

ldap://ldap.server.com:636 Reason: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty

2013-07-31 22:11:54,901 WARN [ims.tmt.EnvironmentService] (main) * Failed to start environment: SiteMinder

2013-07-31 22:11:54,901 WARN [ims.default] (main) ** FIPS mode enabled :false

=========================

Cause of the issue:

As WAMUI is working over SSL which using is by default self signed certificate, and external Authentication using a different certicate which give the above errors, and due to which WAMUI does not starts properly and gives error.

Solution:

Add the External Authentication certificates in trustedkeystore.jks path, using keytool (avialable in java)using below commands may help:

keytool -import -trustcacerts -alias <certificate alias> -keystore "c:/Program Files (x86)/CA/siteminder/adminui/server\default/conf/trustStore.jks" -file <location of certificate>"

Restart the WAMUI services. This will resolve the issue.