Hi Gene, Thanks for stepping in again.
I just noticed that I m being redirected to /siteminderagent/cert/1362591717/smgetcred.scc while my authentication scheme is
https://webserver/siteminderagent/cert/smgetcred.scc?cert.
where is this coming from '1362591717'.
.scc is unprotected with my ACO.
and I confirmedfrom XPSExplorer that the auth scheme is actually stored as
https://webserver/siteminderagent/cert/smgetcred.scc?cert. So something else is rewriting this. Not apache for sure, as I created another auth scheme on IIS server which servers IWA. I still get the same error, and no 403 sub status codes on IIS as well.
Agent.log shows:
[CSmHttpPlugin.cpp:7223][ERROR] Credential Collector error. Exiting with HTTP 500 server error '00-0011'.
[820/3739133696][Wed Mar 06 2013 16:32:24][CSmHttpPlugin.cpp:7223][ERROR] Credential Collector error. Exiting with HTTP 500 server error '00-0011'.
[821/3917461248][Wed Mar 06 2013 16:32:34][CSmHttpPlugin.cpp:7223][ERROR] Credential Collector error. Exiting with HTTP 500 server error '00-0011'.
Agenttrace:
[03/06/2013][16:19:52][820][3917461248][0000000000000000000000008680980a-0334-5137c108-e97fb700-703f2f26acd0][CSmHttpCredCore::DoSSLChallenge][Executing SSL challenge.]
[03/06/2013][16:19:52][820][3917461248][0000000000000000000000008680980a-0334-5137c108-e97fb700-703f2f26acd0][CSmHttpCredCore::DoSSLChallenge][Redirecting to credential collector 'https://webserver/siteminderagent/cert/1362608392/smgetcred.scc?TYPE=16777244&REALM=-SM-Certificate%20Authentication%20[16%3a19%3a52%3a140445430586165]&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=agentname&TARGET=-SM-https%3a%2f%2fbga--ux--agentname%2enorthamerica%2edir%2ecompany%2ecom%2fcertificate%2ehtml'.]
[03/06/2013][16:19:52][820][3917461248][0000000000000000000000008680980a-0334-5137c108-e97fb700-703f2f26acd0][HandleCredCollectorChallenge][Redirecting for credentials 'https://webserver/siteminderagent/cert/1362608392/smgetcred.scc?TYPE=16777244&REALM=-SM-Certificate%20Authentication%20[16%3a19%3a52%3a140445430586165]&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=agentname&TARGET=-SM-https%3a%2f%2fxxx--ux--agentname%2enorthamerica%2edir%2ecompany%2ecom%2fcertificate%2ehtml'.]
[03/06/2013][16:19:52][820][3917461248][0000000000000000000000008680980a-0334-5137c108-e97fb700-703f2f26acd0][ProcessRequest][Challenge Manorthamericager returned SmExit, end new request.]
[03/06/2013][16:19:52][820][3917461248][][ReportHealthData][Accumulating HealthMonitorCtxt.]
[03/06/2013][16:19:52][821][3802072832][0000000000000000000000008680980a-0335-5137c108-e29f0700-7f5e6022637b][ProcessRequest][Start new request.]
[03/06/2013][16:19:52][821][3802072832][][CSmApache22WebFilterCtxt::SetP3PCompactPolicy][sP3PCompactPolicy: '']
[03/06/2013][16:19:52][821][3802072832][0000000000000000000000008680980a-0335-5137c108-e29f0700-7f5e6022637b][CSmHttpPlugin::ProcessResource][Resolved HTTP_HOST: 'webserver'.]
[03/06/2013][16:19:52][821][3802072832][][Entered CSmHttpPlugin::ResolveFQServerName sHost: ][webserver]
[03/06/2013][16:19:52][821][3802072832][0000000000000000000000008680980a-0335-5137c108-e29f0700-7f5e6022637b][CSmHttpPlugin::ProcessResource][Resolved hostnorthamericame: 'webserver'.]
[03/06/2013][16:19:52][821][3802072832][0000000000000000000000008680980a-0335-5137c108-e29f0700-7f5e6022637b][CSmHttpPlugin::ProcessResource][Resolved agentnorthamericame: 'agentname'.]
[03/06/2013][16:19:52][821][3802072832][][CSmHttpPlugin::ResolveClientIp][Resolved Client IP address 'x.x.x.x'.]
[03/06/2013][16:19:52][821][3802072832][0000000000000000000000008680980a-0335-5137c108-e29f0700-7f5e6022637b][CSmHttpPlugin::ProcessResource][Resolved URL: '/siteminderagent/cert/1362608392/smgetcred.scc?TYPE=16777244&REALM=-SM-Certificate%20Authentication%20[16%3a19%3a52%3a140445430586165]&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=agentname&TARGET=-SM-https%3a%2f%2fbga--ux--agentname%2enorthamerica%2edir%2ecompany%2ecom%2fcertificate%2ehtml'.]
[03/06/2013][16:19:52][821][3802072832][][CSmHttpPlugin::AutoAuthorizedUrl][Auto-authorizing resource, matches IgnoreExt filter.]
[03/06/2013][16:19:52][821][3802072832][0000000000000000000000008680980a-0335-5137c108-e29f0700-7f5e6022637b][CSmHttpPlugin::ProcessResource][Resolved METHOD: 'GET'.]
[03/06/2013][16:19:52][821][3802072832][0000000000000000000000008680980a-0335-5137c108-e29f0700-7f5e6022637b][CSmHttpPlugin::ProcessResource][Resolved cookie domain: '.company.com'.]
[03/06/2013][16:19:52][821][3802072832][0000000000000000000000008680980a-0335-5137c108-e29f0700-7f5e6022637b][CSmSessionManorthamericager::EstablishSession][No plugins responded, returning SmNoAction.]
[03/06/2013][16:19:52][821][3802072832][0000000000000000000000008680980a-0335-5137c108-e29f0700-7f5e6022637b][ProcessRequest][ProtectionManorthamericager returned SmNo, end new request.]
[03/06/2013][16:19:52][821][3802072832][][ReportHealthData][Accumulating HealthMonitorCtxt.]
[03/06/2013][16:19:52][821][3802072832][0000000000000000000000008680980a-0335-5137c108-e29f0700-7f5e6022637b][ProcessAdvancedAuthentication][Start new request.]
[03/06/2013][16:19:52][821][3802072832][][CSmHttpPlugin::ResolveClientIp][Resolved Client IP address 'x.x.x.x'.]
[03/06/2013][16:19:52][821][3802072832][0000000000000000000000008680980a-0335-5137c108-e29f0700-7f5e6022637b][SmAdvancedAuthCore::parseTargetUrl][Resolved cookie domain '.company.com'.]
[03/06/2013][16:19:52][821][3802072832][0000000000000000000000008680980a-0335-5137c108-e29f0700-7f5e6022637b][IsResourceProtected][Resource is protected from cache.]
[03/06/2013][16:19:52][821][3802072832][0000000000000000000000008680980a-0335-5137c108-e29f0700-7f5e6022637b][CSmHttpPlugin::ProcessResponses][Processing IsProtected responses.]
[03/06/2013][16:19:52][821][3802072832][0000000000000000000000008680980a-0335-5137c108-e29f0700-7f5e6022637b][SmScc::getCredentials][Failed to get the certificate credentials.]
[03/06/2013][16:19:52][821][3802072832][0000000000000000000000008680980a-0335-5137c108-e29f0700-7f5e6022637b][ProcessAdvancedAuthentication][CredentialManorthamericager returned SmExit, end new request.]
[03/06/2013][16:19:52][821][3802072832][][ReportHealthData][Accumulating HealthMonitorCtxt.]