IBM Support

ISAM OpenID Connect Authentication ends with Error 403: AuthenticationFailed

Troubleshooting


Problem

After successful authentication at the OpenID Connect Provider, the SSO flow ends on the Relying Party with Authentication Failed.

Symptom

Looking at the Relying Party trace, you can see the following error:


CWWKS1703E: The OpenID Connect client requires SSL (HTTPS) but the OpenID Connect provider URL is HTTP:
https://sso-isam901-idp1.5.support.it/isam/oidc/endpoint/amapp-runtime-SecSuppOP/authorize


Update the configuration so that [enforceHTTPS] attribute matches the target URL scheme.

Cause

The message appears misleading, as the URL does in fact start with https. However, looking carefully at the Relying Party partner configuration, you can notice a blank space in the Authorization Endpoint value just before https.


Resolving The Problem

Remove any space before the https in every Endpoint definition.
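
An added example, not part of the IBM technote: a Python check that flags blank or invisible characters in endpoint values and confirms the URL scheme once they are removed. The setting names and URLs are constructed placeholders, not the product's own configuration keys.

```python
import unicodedata
from urllib.parse import urlsplit

# Constructed sample of Relying Party endpoint settings (hypothetical key
# names). The first value carries the leading blank described above.
SAMPLE_ENDPOINTS = {
    "authorizationEndpoint": " https://op.example.com/oidc/endpoint/OP/authorize",
    "tokenEndpoint": "https://op.example.com/oidc/endpoint/OP/token",
    "jwkEndpoint": "https://op.example.com/oidc/endpoint/OP/jwks\u00a0",
    "userinfoEndpoint": "http://op.example.com/oidc/endpoint/OP/userinfo",
}

def is_blank_or_invisible(ch):
    # Whitespace (including non-breaking space), control and format
    # characters (e.g. zero-width space) do not show up in a console field.
    return ch.isspace() or unicodedata.category(ch) in ("Cc", "Cf")

def check_endpoint(name, value, require_https=True):
    """Return a list of findings for one endpoint value."""
    findings = []
    for offset, ch in enumerate(value):
        if is_blank_or_invisible(ch):
            # repr() makes the otherwise invisible character visible.
            findings.append(f"{name}: U+{ord(ch):04X} at offset {offset} in {value!r}")
    cleaned = "".join(ch for ch in value if not is_blank_or_invisible(ch))
    scheme = urlsplit(cleaned).scheme.lower()
    if require_https and scheme != "https":
        findings.append(f"{name}: scheme is {scheme!r}, expected 'https'")
    return findings

def check_all(endpoints):
    """Map each problematic endpoint name to its findings."""
    report = {}
    for name, value in endpoints.items():
        findings = check_endpoint(name, value)
        if findings:
            report[name] = findings
    return report

if __name__ == "__main__":
    for findings in check_all(SAMPLE_ENDPOINTS).values():
        for line in findings:
            print(line)
```
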


Document Information

More support for:
Tivoli Access Manager for e-business

Software version:
9.0, 9.0.0.1

Operating system(s):
Appliance

Document number:
544749

Modified date:
16 June 2018

UID

swg21978815
