Access Manager "Unable to authenticate. Cause/Code: HTTPS hostname wrong"

  • 3092224
  • 27-Feb-2008
  • 26-Apr-2012

Environment


Novell Access Management 3 Access Administration
Novell Access Management 3 Linux Novell Identity Server
Novell Access Management 3 Support Pack 2 applied

Situation

The Access Manager setup was created using wildcard certificates on the Support Pack 2 platform. The Base URL of the Novell Identity Server (IDP) was defined as https://ism-am-ids.ism.utopia.novell.com:8443/nidp.

The following self-signed certificate was created for the IDP server and assigned to the service:

- CN=*.utopia.novell.com

When accessing the IDP server, the user gets the login form. After entering their credentials, the user gets the following error:

Unable to authenticate. Cause/Code: HTTPS hostname wrong

Resolution

Define a certificate (wildcard or not) whose subject name matches the DNS name in the Base URL, such as:

- CN=ism-am-ids.ism.utopia.novell.com
- CN=*.ism.utopia.novell.com

A certificate with the subject name CN=*.utopia.novell.com does not match ism-am-ids.ism.utopia.novell.com, the DNS name of the host itself: the wildcard covers only a single DNS label, so it cannot stand in for the two labels ism-am-ids.ism.
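
The single-label wildcard rule behind this resolution, as an added example (not Novell's code) that checks candidate subject names against a Base URL before the certificate is assigned. The function names `name_matches` and `check_base_url` are hypothetical, and rejecting partial-label wildcards is a conservative assumption.

```python
from urllib.parse import urlsplit


def name_matches(pattern, hostname):
    """Return True if a certificate DNS name covers the hostname.

    '*' is honoured only as the whole left-most label and stands for
    exactly one label, so it never spans a dot.
    """
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h) or "" in h:
        return False              # label counts must be equal
    if any("*" in label for label in p[1:]):
        return False              # wildcard only in the left-most label
    if p[1:] != h[1:]:
        return False              # parent domain must match exactly
    if p[0] == "*":
        return len(p) >= 3        # refuse bare "*" and "*.tld"
    # Assumption: partial-label wildcards such as "ism*" are rejected.
    return "*" not in p[0] and p[0] == h[0]


def check_base_url(base_url, subject_names):
    """Map each subject name (with or without 'CN=') to match/no match."""
    host = urlsplit(base_url).hostname
    if not host:
        raise ValueError("no hostname in base URL: %r" % base_url)
    results = {}
    for name in subject_names:
        bare = name[3:] if name.upper().startswith("CN=") else name
        results[name] = name_matches(bare.strip(), host)
    return results


if __name__ == "__main__":
    # Base URL and subject names taken from the article above.
    base = "https://ism-am-ids.ism.utopia.novell.com:8443/nidp"
    names = ["CN=*.utopia.novell.com",
             "CN=ism-am-ids.ism.utopia.novell.com",
             "CN=*.ism.utopia.novell.com"]
    for name, ok in check_base_url(base, names).items():
        print("%-40s %s" % (name, "matches" if ok else "HTTPS hostname wrong"))
```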