SecureRedirect webapp error

Document ID : KB000097690
Last Modified Date : 25/05/2018
Show Technical Document Details
Issue:
We're running CA Access Gateway (SPS), when user access a resource
protected with Openid Connect, at the first request the user is
redirected, as explained in the documentation, to the authentication
page that protects / Affwebservices / secure / secureRedirect. But
after entering the authentication data, he receives an error.

FWSTrace.log 

  [05/23/2018][08:54:55][7228][1900][][FWSConfigurationManager.java][initializeResourceDirectory][Cannot 
   set resource path used to display error messages; Likely caused by 
   uninitialized NETE_WA_ROOT environment variable] 

  [05/23/2018][09:13:29][7228][5572][610c7b97-d9ab1f07-19230f43-76119b33-7e7a2c6e-0c][SecureRedirect.java][doGet][Transaction 
   with ID: 610c7b97-d9ab1f07-19230f43-76119b33-7e7a2c6e-0c 
   failed. Reason: SERE_GET_EXCEPTION] 

  [05/23/2018][09:13:29][7228][5572][610c7b97-d9ab1f07-19230f43-76119b33-7e7a2c6e-0c][SecureRedirect.java][doGet][Exception 
   caught in class 
   com.netegrity.affiliateminder.webservices.SecureRedirect, method 
   doGet: com.netegrity.siteminder.agentcommon.utils.k: Failed to 
   decrypt.] 

How can we solve that ?
 
Environment:
Policy server 12.8 on Windows 2016 R2; 
SPS (Access Gateway) 12.8 on Windows 2016 R2; 
 
Resolution:
- Make sure that the CA Access Gateway (SPS) JDK has the JCE patches
  set;

  Install CA Access Gateway 
  https://docops.ca.com/ca-single-sign-on/12-8/en/installing/install-ca-access-gateway 

- Make sure that the Environment variable NETE_WA_ROOT is set properly 
  before starting the CA Access Gateway (SPS);