SAMLv2 keystore issues
If the SAMLv2 keystore is not correctly configured, the following error is displayed at the top of the page when you attempt to create a new IdP or SP:
Check the Federation log file in the following location:
<installationDirectory>/tomcat/webapps/atriumsso/WEB-INF/config/atriumsso/debug
For SAMLv2, only keystores in JKS format are supported. This keystore holds the certificates and private keys used for signing and encryption. The following error messages indicate that the keystore is in the wrong format:
java.io.IOException: Invalid keystore format
ERROR: mapPk2Cert.JKSKeyProvider:
java.lang.NullPointerException
ERROR: mapPk2Cert.JKSKeyProvider:
java.io.IOException: Keystore was tampered with, or password was incorrect
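To confirm a wrong-format keystore before changing any passwords, the file header can be inspected directly. The following is an added example, not part of the product documentation; the function names are hypothetical. It reads only the header, so it does not verify the store password or the integrity digest.

```python
import struct
import sys

# Header magic numbers written by the JDK keystore providers.
JKS_MAGIC = 0xFEEDFEED
JCEKS_MAGIC = 0xCECECECE

def classify_keystore(data: bytes) -> dict:
    """Identify a keystore's on-disk format from its first bytes (no password needed)."""
    if len(data) < 4:
        return {"format": "unknown", "jks": False, "detail": "shorter than 4 bytes"}
    (magic,) = struct.unpack(">I", data[:4])
    if magic == JKS_MAGIC:
        if len(data) < 12:
            return {"format": "JKS", "jks": False, "detail": "truncated header"}
        # A JKS header is magic, version, entry count: three big-endian 32-bit ints.
        version, entries = struct.unpack(">II", data[4:12])
        ok = version in (1, 2)  # the only JKS versions the JDK reads
        return {"format": "JKS", "jks": ok,
                "detail": f"version {version}, {entries} entries"}
    if magic == JCEKS_MAGIC:
        return {"format": "JCEKS", "jks": False, "detail": "convert to JKS"}
    if data[0] == 0x30:  # DER SEQUENCE tag: PKCS#12 (.p12/.pfx) or a bare DER file
        return {"format": "DER/PKCS#12", "jks": False, "detail": "convert to JKS"}
    if data.lstrip().startswith(b"-----BEGIN"):
        return {"format": "PEM", "jks": False, "detail": "import into a JKS keystore"}
    return {"format": "unknown", "jks": False, "detail": f"magic {magic:08x}"}

def classify_file(path: str) -> dict:
    """Classify a keystore file by reading only its first 64 bytes."""
    with open(path, "rb") as fh:
        return classify_keystore(fh.read(64))

# Constructed sample: header of an empty JKS store followed by a zeroed
# 20-byte digest placeholder. It is not a loadable keystore.
SAMPLE_JKS = struct.pack(">III", JKS_MAGIC, 2, 0) + bytes(20)

if __name__ == "__main__":
    paths = sys.argv[1:]
    if not paths:
        print("constructed sample:", classify_keystore(SAMPLE_JKS))
    for path in paths:
        result = classify_file(path)
        print(f"{path}: {result['format']} ({result['detail']}), "
              f"usable as JKS: {result['jks']}")
```

Since JDK 9, keytool creates PKCS12 keystores by default, so a store generated without an explicit JKS store type will be reported here as DER/PKCS#12.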
The following messages indicate that the files containing the passwords for the store or the key do not contain the correct values (the values must be encoded before they are stored in the files):
ERROR: JKSKeyProvider: keystore file does not exist
libSAML:03/02/2011 12:42:23:418 PM CST: Thread[main,5,main]
ERROR: JKSKeyProvider: keystore password is null
The following message (displayed in the browser) indicates that the keystore file is incorrectly defined or missing:
HTTP Status 400 - Error processing AuthnRequest. Error retrieving meta data.