Unable to get authentication successful using OpenID Connect

This topic has 3 replies, 2 voices, and was last updated 1 month ago by Jatinder Singh.

  • Author
    Posts
  • #28042
     suresh_a
    Participant

    I am in the process of integrating Forgerock from my java application using OpenID Connect as service provider initiated connection
    I am able to get the authorisation code from openam by sending the authorisation request
    However while reading the code and trying to send request for token, I got the below error
    1. Unable to find valid Certification path to requested target. I have tried to install certificate and able to proceed, but the request for token failed in my application with the following exception
    2.InvalidAlgorithmparameter exception: the trust anchors parameters must be non-empty

    Iam unable to get the authentication successful due to above error

    #28043
     suresh_a
    Participant

    Looking forward for support

    #28045
     Jatinder Singh
    Participant

    Your trust relationship is likely broken. The reason why it worked for authorization code is because /authorize is a front channel request and likely browser threw a certificate exception but you bypassed it by clicking “add exception” or something similar. The /token is a back channel request and therefore you need to have appropriate trust relationship established for SSL to work correctly. So, my question is – are you using a self-signed certificate on the AM side? If yes, you need to add that certificate to the trust store (e.g. cacerts) of your application i.e. from where you are calling the /token endpoint.

    Hope this helps!

    #28047
     Jatinder Singh
    Participant

    Also, I would suggest to check if the TrustStore is getting loaded i.e path to trust store, password, etc.

Viewing 4 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic.

©2020 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?