Federation not working after artifact binding out-of-

Troubleshooting

Problem

After changing SSL cert for partner SSL Server verification new cert does not appear to be working.

Symptom

You may see connection errors such as com.tivoli.am.fim.soap.client.HttpClientImpl doRequest javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.n: No trusted certificate found

Or other errors related to the SSL cert.

Resolving The Problem

After changing SSL cert used for verification of partner SSL connection for use in SOAP requests, or for client cert verification the TFIM Runtime must be restarted not just reload the TFIM config. This config parameter does not use the key rollover functions and requires that the JVM be restarted to init with the new cert to use for channel verification.

[{"Product":{"code":"SSZSXU","label":"Tivoli Federated Identity Manager"},"Business Unit":{"code":"BU008","label":"Security"},"Component":"SSO","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"6.2;6.2.1;6.2.2;Version Independent","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Tips

Federation not working after artifact binding out-of-

Troubleshooting

Problem

Symptom

Resolving The Problem

Was this topic helpful?

Document Information

UID

Share your feedback

Need support?