Hi,
I have installed the CA SiteMinder Secure Proxy Server on sandbox server. Here are the infrastructure details -
Operating System – Microsoft Windows Server 2012 R2 Standard (64 bit)
CA SPS Installable used – ca-proxy-12.52-sp01-cr02-win32
Java Version on machine – 1.8.0_92
CA SiteMinder Server version – R12.52 SP02
Installation & configuration is successful. I didn’t enable Federation Gateway.
However, I am getting issue while accessing Secure Proxy Server’s Admin UI - http://<ServerHostname>:8080/proxyui/ .
Error – Page can’t be displayed
Even though I turned on the trace logging, I don’t see it creates any trace file in configured location.
-------------------------- nohup.out logs----------------------------------------------------------------------------------------------
Nov 02, 2017 3:38:21 PM org.apache.catalina.util.LifecycleBase start
INFO: The start() method was called on component [StandardServer[8005]] after start() had already been called. The second call will be ignored.
#
# A fatal error has been detected by the Java Runtime Environment:
#
# EXCEPTION_ACCESS_VIOLATION (0xc0000005) at pc=0x731761e0, pid=5888, tid=0x000011ac
#
# JRE version: Java(TM) SE Runtime Environment (8.0_92-b14) (build 1.8.0_92-b14)
# Java VM: Java HotSpot(TM) Client VM (25.92-b14 mixed mode windows-x86 )
# Problematic frame:
# V [jvm.dll+0x1e61e0]
#
# Core dump written. Default location: C:\Program Files (x86)\CA\secure-proxy\proxy-engine\hs_err_pid5888.mdmp
#
# An error report file with more information is saved as:
# C:\Program Files (x86)\CA\secure-proxy\proxy-engine\hs_err_pid5888.log
Compiled method (c1) 22878 470 s java.lang.Throwable::fillInStackTrace (29 bytes)
total in heap [0x00c76548,0x00c768c4] = 892
relocation [0x00c76618,0x00c76648] = 48
main code [0x00c76650,0x00c76830] = 480
stub code [0x00c76830,0x00c7685c] = 44
metadata [0x00c7685c,0x00c76860] = 4
scopes data [0x00c76860,0x00c76880] = 32
scopes pcs [0x00c76880,0x00c768c0] = 64
dependencies [0x00c768c0,0x00c768c4] = 4
#
# If you would like to submit a bug report, please visit:
# http://bugreport.java.com/bugreport/crash.jsp
#
Java HotSpot(TM) Client VM warning: ignoring option MaxPermSize=256M; support was removed in 8.0
Nov 02, 2017 3:38:23 PM org.apache.catalina.core.StandardContext setPath
WARNING: A context path must either be an empty string or start with a '/' and do not end with a '/'. The path [/] does not meet these criteria and has been changed to []
At the same time, CA SiteMinder Policy server log says :-
[5924/2180][Thu Nov 02 2017 15:38:22][CServer.cpp:2045][ERROR][sm-Tunnel-00010] Bad security handshake attempt. Handshake error: 3152
[5924/2180][Thu Nov 02 2017 15:38:22][CServer.cpp:2052][ERROR][sm-Tunnel-00030] Handshake error: Failed to receive client hello. Socket error 0
[5924/2180][Thu Nov 02 2017 15:38:22][CServer.cpp:2217][ERROR][sm-Server-01070] Failed handshake with <IP address of server on which SPS installed>:65324
Questions –
- Is this issue because of JVM crash as mentioned in first set of logs?
- We are not pretty sure on the Encryption key used while installing the SPS. Looking at SMPS, I am afraid that incorrect EncryptionKey might be causing the issue. Is there any way to validate it?
- Is there any way to validate the encryption key which we are using for SPS installation/configuration is same as of Encryption key used while installing the SiteMinder Policy server?
I tried almost every configuration to make this work, however no luck.
Can you please help me here?