Environment
NetIQ Access Management 3.1 SP4
NetIQ Access Management 3.1 IR1
NetIQ Access Management 3.1 IR1
Situation
Customer has the admin console and the idp on the same box and for some reason when x509 auth is done it uses the /opt/novell/jdk1.6.0_26/jre/lib/security/cacerts keystore rather then the truststore keystore.
Now when they upgrade and there is a newer cacerts file it breaks there x.509 authentication.
Now when they upgrade and there is a newer cacerts file it breaks there x.509 authentication.
Resolution
Reported to engineering