Combination View Flat View Tree View
Threads [ Previous | Next ]
toggle
Jim Somerville
OpenSSO (OpenAM) Test Configuration- Fails with https
September 19, 2013 7:07 AM
Answer

Jim Somerville

Rank: New Member

Posts: 1

Join Date: September 19, 2013

Recent Posts

I am trying to integrate OpenAM 10.1 login with Liferay 6.1 in the Control Panel's Portal Settings. When entering the required information and clicking Test OpenSSO Configuration fails when using https URLs to OpenAM (e.g. "https://gdx2.kci.com/openam...").

The OpenAM server has a valid wildcard domain SSL certificate from GoDaddy, and I have confirmed connectivity between the Liferay server and OpenAM server. In OpenAM I enabled Encode Cookie Value. And, I can login fine to OpenAM over https. See attachment OpenSSO_https.PNG for settings (shown below).

When changing the URLs to http (both ports 80 and 443 are open and allowed for now) the Test says it connected successfully. See attachment OpenSSO_http.PNG for settings (shown below).

Any ideas why https would not work? Do I need to import the SSL certificate somewhere into Liferay? Or, is it a bug? Thank you.
Attachment

Attachment

Attachments: OpenSSO_http.PNG (29.7k), OpenSSO_https.PNG (31.4k)
Mika Koivisto
RE: OpenSSO (OpenAM) Test Configuration- Fails with https
September 23, 2013 12:20 PM
Answer

Mika Koivisto

LIFERAY STAFF

Rank: Liferay Legend

Posts: 1501

Join Date: August 7, 2006

Recent Posts

Sounds like java doesn't trust the certificate from GoDaddy so you might need to establish that trust manually. You'll do that by importing the certificate to the truststore.
Marco Kropivsek
RE: OpenSSO (OpenAM) Test Configuration- Fails with https
October 7, 2013 9:02 AM
Answer

Marco Kropivsek

Rank: New Member

Posts: 1

Join Date: October 7, 2013

Recent Posts

Could you check the certificate name? I had the same problem and adding the certificate to the Jave keystore did not solve it. Changing the common name of my certificate key to the name of the server, I could successfully connect to OpenSSO using HTTPS.