Novell Access Management 3.1 Support Pack 3
Customer had setup a SAML relationship to a 3th party IDP.
When sending the artifact to the defined ArtifactResolutionService endpoint en error was reported.
The catalina.out showed the following:
amLogEntry> 2011-02-31T09:34:50Z VERBOSE NIDS Application: Attempting to connect to URL: https://test1.example1.com/opensso/ArtifactResolver/metaAlias/nl/idp via POST </amLogEntry>
<amLogEntry> 2011-02-31T09:34:50Z DEBUG NIDS Application:
Error connecting to URL java.security.cert.CertificateException: Untrusted Certificate-chain </amLogEnt
The certificate that was assigned to the ArtifactResolutionService endpoint was different from the one that was defined in the imported metadata and hence the trusted roots didn't match.
Getting updated metadata from the 3th party IDP with the correct certificate listed and the import of the matching trusted root certificates the problem was resolved.