Hi folks !
Find below the list of the latest Knowledge Base Articles for Single
Sign-On (Formerly CA SiteMinder) published or updated since July 1
Latest 20 published Knowledge Documents :
WHAT IS THE RECOMMENDED APPROACH TO RENEW A FEDERATION SIGNING CERTIFICATE THAT IS ABOUT TO EXPIRE?
This document provides information on how to renew signing certificate
CA ACCESS GATEWAY(SECURE PROXY SERVER) ACTING AS IDP IS USING THE ASSERTIONCONSUMERSERVICEURL IN AN AUTHENTICATION REQUEST EVEN THOUGH THE ACCEPT ACS URL IN THE AUTHNREQUEST OPTION IS NOT SELECTED
This document describes a known issue where CA Access Gateway(Secure Proxy Server) acting as IDP is using the AssertionConsumerServiceURL in an authentication request even though the Accept ACS URL in the Authnrequest option is not selected
HOW DO I PREVENT A COOKIE REPLAY ATTACK IN SITEMINDER?
This document provides information on how to prevent cookie replay attacks in Siteminder
AUTHENTICATION CHAIN WITH IWA AUTHENTICATION SCHEME FALLBACK TO FORM NOT HAPPENING PCS OUTSIDE COMPANY DOMAIN
This document describes use case on how to configure authentication chain IWA fallback to form
THE POLICY STORE COULD NOT BE INITIALIZED WHILE CONFIGURING THE POLICY STORE
This document describes a use case where the policy server reports The policy store could not be initialized error while configuring the policy store
WHEN TRYING TO AUTHENTICATE THROUGH SSO AUTHAZWS FROM CA API GATEWAY THE ACCESS GATEWAY DOES NOT RESPOND
When trying to authenticate through AuthAzWS from CA API gateway the access gateway does not respond . u000au000aWhen is done through a web browser, or via SOAPUI, directly to the backend then the request works
HOW TO ENABLE ADMINUI RESTAPI TRACES?
This document shows the steps needed to enable tracing for the RestAPI
WHEN WILL CA ACCESS GATEWAY EMBEDDED TOMCAT BE UPGRADED FROM 7.0.82
When will Tomcat in Access Gateway be upgraded to 7.0.82 or newer.
ADMINUI FROZEN AND HANDSHAKE ERRORS DUE TO SOCKET ERROR 0
This document explains how you can solve this situation when the errors mentioned appear
HOW CAN I START WEB AGENT USING SYSTEMCTL INSTEAD APACHECTL?
This document shows what steps need to be done to start your Web Agent running on Apache web server in RHEL7 using systemctl
IS THERE A LIST OF PUBLIC DOMAINS THAT ARE ALLOWED FOR THE REDIRECT URI'S?
We only allow public domains that are below in this document. You should not be able to put just any domain in. You could put an enhancement on the idea wall on ca communities to put a check box not to validate that url against a format. Remember - These public domains listed below in the document are the only domains that are validated because there is concern for security reasons that the redirect uri would redirect to an invalid domain/not validated domain without restricting domains.u000au000aYou can use a 3rd party Dns Lookup tool to check validated public domains.
WHY AM I GETTING ERRORS ON AN XPS IMPORT ON THE POLICY SERVER ON DUPLICATE DATA,
This question can come up in the process of making an parallel upgrade with the policy store for any CA SSO
REQUEST FORM SUBMISSION ERROR IN FEDERATED APPLICATION
When user/Vendor tried to enter the data in POL application request form page after a minute page is refreshing all the data is getting wiped off.
XPSSWEEPER WSFEDSP OBJECT 'CANNOT BE SAVED' ERROR
12.7 SP2 XPSSweeper is finding SharePoint Agent related errors that were not found by 12.52 SP1 Sweeper.
HOW TO DISABLE HTTP PORT FOR ADMIN UI
http port disable for security scan
IN TOMCAT ENVIRONMENT, SMSESSION COOKIE IS NOT DECODE BY WEBAGENT.
In SSO environment launched Tomcat, WebAgent can't decode SMSESSION cookie, because SMSESSION cookie contains double quatation("").
COMMUNICATION FAILURE BETWEEN SITEMINDER POLICY SERVER AND WEB AGENT
What does the message "Communication failure between SiteMinder policy server and web agent." mean?
RUNNING SMTEST TOOL, WHERE DO I FIND THE .INI FILE ?
This technote (Knowledge Document) gives some details about the performance testing with the smtest tool.
SPS HTTPD ACCESS LOGS ARE NOT ROTATING
we have been seeing an issue with httpd logs filling up our disks. the rotatelogs configuration is in place but they do not rotate the logs and the access log keeps filling up. Please advice. Version details are below:- Attached the httpd.conf file. u000au000aProduct Name=CA SiteMinder Secure Proxy Server u000a12.52 SP1 CR07
CAPKI UNINSTALL TOOL DOES NOT WORK
This document explains why the installation does not seem to respond and which steps to follow know more about the issue, and eventually solve it
Here are the Top 20 most consulted Knowledge Document last month :
SMAUTHREASON reason code document (Legacy_Onyx KB Id: 176074)
Server Error 10-0004
SM web agent LLAWP failed to initialized with Apache 2.4 on startup due to Semaphore issue
Policy Server :: Disable Flag : SmAuthReason
Agent Api function failed when load balancer is introduced between agent and policy server
Steps to Re-register Admin UI
Error (in Event Viewer): Failed to initialize the message bus.
Unable to resolve fully qualified host name. Exiting with HTTP 500 server error '00-0016'
Resolving Problems installing the Java JCE Unlimited Strength Jurisdiction Policy Files package
CA Access Gateway (formerly Secure Proxy Server): Commonly Tuned Parameters
Web Agent IPC Error
What is the meaning of the WebAgent error message 20-0004?
Why WebServer user is required to have write permission on the "SmHost.conf" file?
systemctl and Web Agent startup settings for Red Hat Apache Web Server 2.4.x
Web agent unable to process SMSESSION
How to protect a Tomcat web application using Siteminder.
SiteMinder Error Codes
What are the possible handshake errors in policy server?
HTTP Status 400 - Bad Request with Error messasge BAD_SAML_REQUEST_ENCODING
How to Enable SPS logs