aservers occasionally are unable to decrypt tokens from other aservers.
Originally Published: 2009-02-04
Article Number
Applies To
Issue
IWA authentication method loops continually without sending authenticated user to protected page.
aserver logs show the following error message directly associated with each IWA authentication failure:
sequence_number=5943,remote_client=aserver1,2009-02-03 15:59:52:344 GMT+00:00,messageID=6,client_ip_address=192.168.0.1,client_port=38547,result_code=0,result_action=User Token Failed,result_reason=Token error
Cause
Resolution
Check to ensure that there are no typos in the keyserver.conf files. Specifically check to ensure that each keyserver has a unique name defined for
cleartrust.keyserver.local_id
and that host name defined in the parameter refers to the physical machine where the keyserver resides.
Workaround
Notes
Related Articles
sirrus.runtime.TokenException: Token decryption failed Number of Views Bluecoat SSL Visibility "Traffic between Google Chrome and Google services, such as Gmail, can no longer be decrypted by S… Number of Views No encrypted token records were found in folder Number of Views gpg: no valid OpenPGP data found. gpg: decrypt_message failed eof Number of Views Private key decryption error: Unsupported keysize or algorithm Number of Views
Trending Articles
RSA Governance & Lifecycle 8.0 Patch 10 Release Notes Migrating users across identity sources in RSA Authentication Manager 8.x RSA Authentication Manager Availability of Firmware Updates to Address iDRAC Vulnerabilities Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory Move RSA Authentication Manager 8.1 users from the internal database to an external identity source along with their group…
Don't see what you're looking for?
