This documentation supports the 9.0 version of BMC Atrium Single Sign-On, which is in "End of Version Support." However, the documentation is available for your convenience. You will not be able to leave comments.Click here to view the documentation for a supported version of Remedy Single Sign-On.

Troubleshooting CAC authentication

If authentication fails, there are several log directories and several debug methods that you can use to resolve issues. If you discover that a certificate is not in the truststore, import the certificate into the keystore.

  • With the default logging level, check for errors in the normal BMC Atrium Single Sign-On log files in the logs directory: <installationDirectory>\AtriumSSO\tomcat\logs
  • Check the Authentication file in the logs directory after setting the logging level to Message: <installationDirectory>\AtriumSSO\tomcat\logs
  • Check the Authentication directory: BMC Atrium SSO \WEB-INF\config\Atrium SSO\logs\Authentication
  • Change the clientAuth setting in the Tomcat server.xml configuration file to True.
  • Turn on network debug logging.
  • Check the BMC Atrium Single Sign-On truststore to verify that the certificate has been imported or that the Issuer (in other words, the Signer) certificate has been imported.

The following troubleshooting topics are addressed here:

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*