We are in process of upgrading CA SiteMinder setup from R12SP3 to R12.52 SP02. The approach we are following is Parallel upgrade.
The infrastructure is ready in new environment and we have already installed & configured R12.52 SP02 policy server, CA directory as Policy+Key Store.
In R12, we are using OID11g as Policy+Key store.
We have migrated the policy data from R12 to R12.52 environment successfully. However, we are facing some issues when we tried to point an existing application from R12 to R12.52 environment. It's giving Internal server error on .fcc page post submitting the credentials.
I reckon issue is because of below reasons -
1. We have installed R12.52 servers with different encryption key and Key store is migrated from R12 to R12.52
2. The custom login page for all the intranet application is hosted on central apache servers which is still pointing to R12 environment
If we point the SM Webagent on central apache server(serving custom login page) to R12.52, then the SSO will not work for applications which are still pointing to R12 environment and vice versa.
1. Can we use R12.52 CA Directory based collocated policy/key store as different keystore by resetting the Encryption key and importing the R12 key data? If yes, then please help with steps to be followed.
2. Any better approach to maintain SSO between R12 & R12.52 till the time we point all R12 applications to R12.52 policy servers?
We don't want to use R12 Key store as common key store since we are planning to decommission the OID servers.
Appreciate your quick help.