This concerns issues that occur when validating certificates between agents. The possible causes of this error are:
1.The certificate used to sign the requests is not valid: In this case, you must generate a new certificate and execute the procedure for installing the new SE Suite metadata on the authentication server. 2.The SSL certificate used on the SE Suite server is not recognized by the authentication server: You must import the SSL certificate as a trusted certificate on the authentication server. 3.Authentication server certificates are not recognized by SE Suite: ADFS certificate:
i.Access ADFS, select the 'Certificate' folder and double-click 'Token-signing'; ii.Access the 'Details' tab and click on the 'Copy to File' button; iii.Export the certificate as Base-64 Encoded X.509; IIS Certificate of authentication server:
i.Export the certificate as Base-64 Encoded X.509; ii.Import the certificate on the SE Suite server: keytool -import -trustcacerts -file <path/certificate.cer> -alias <alias> -keystore <path/certificate>.jks iii.Add the attribute in Tomcat JAVA_OPTIONS: Djavax.net.ssl.trustStore=<path/certificate>.jks |