
I am facing this exception when I try to create the sp.xml using the ssoadmin:

com.sun.identity.cli.CLIException: AdminTokenAction: FATAL ERROR: Cannot obtain Application SSO token.
Check AMConfig.properties for the following properties
    com.sun.identity.agents.app.username
    com.iplanet.am.service.password
    at com.sun.identity.cli.LogWriter.log(LogWriter.java:109)
    at com.sun.identity.cli.Authenticator.ldapLogin(Authenticator.java:170)
    at com.sun.identity.cli.AuthenticatedCommand.ldapLogin(AuthenticatedCommand.java:144)
    at com.sun.identity.federation.cli.CreateMetaDataTemplate.handleRequest(CreateMetaDataTemplate.java:113)
    at com.sun.identity.cli.SubCommand.execute(SubCommand.java:291)
    at com.sun.identity.cli.CLIRequest.process(CLIRequest.java:212)
    at com.sun.identity.cli.CLIRequest.process(CLIRequest.java:134)
    at com.sun.identity.cli.CommandManager.serviceRequestQueue(CommandManager.java:573)
    at com.sun.identity.cli.CommandManager.(CommandManager.java:171)
    at com.sun.identity.cli.CommandManager.main(CommandManager.java:148)

And I also tried adding something like this in the ssoadm.bat: -D"com.iplanet.am.naming.map.site.to.server=https://lb.example.com:443/openam=http://server1.example.com:8080/openam"

But the same exception... How to fix it?

Thanks in advance,

Mahesh More

2 Answers


The 'map-to-site' property is only needed if you have a site configured and the host where you run ssoadm is not able to talk to the siteURL.

You may set '-Dcom.iplanet.services.debug.level=message -Dcom.iplanet.services.debug.directory=WRITABLE_EXISTING_DIRECTORY' as JVM options within ssoadm.bat.

You may then look into the debug directory; you should find a pointer to what's wrong.

Bernhard Thalmayr

The above got sorted in my case when I went to the ssoadmin folder openam/bin, found the ssoadm.bat file, opened it in edit mode and added the following two lines to the java command:

-D"javax.net.ssl.trustStore=F:\tomcatsslkeystore" (tomcat keystore path)
-D"javax.net.ssl.trustStorePassword=tomcatsslkeystore" (tomcat keystore password)

Mahesh More
  • Why did you add these two lines? I am getting the same error but am not using https. Then how can I solve this issue? Please give your advice. – sunleo Apr 16 '15 at 11:20
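
The fix in the second answer sets the trust store of the JVM that runs ssoadm. The following is an added diagnostic, not code from this thread or from OpenAM: it checks whether a JVM started with the same javax.net.ssl.* options trusts the certificate an HTTPS server presents. The class name TrustCheck and its host/port arguments are hypothetical.

```java
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;

// Added diagnostic (hypothetical class name). Start it with the same
// -Djavax.net.ssl.trustStore / -Djavax.net.ssl.trustStorePassword options
// that ssoadm.bat passes to java, so it makes the same trust decisions.
public class TrustCheck {
    public static void main(String[] args) throws Exception {
        if (args.length != 2) {
            System.err.println("usage: java TrustCheck <host> <port>");
            System.exit(2);
        }
        String host = args[0];
        int port = Integer.parseInt(args[1]);
        System.out.println("trustStore = "
                + System.getProperty("javax.net.ssl.trustStore", "(JVM default cacerts)"));

        // The default factory honours the javax.net.ssl.* system properties.
        SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
        try (SSLSocket socket = (SSLSocket) factory.createSocket(host, port)) {
            socket.setSoTimeout(10_000);
            // Plain SSLSocket skips hostname checks; enable them as HTTPS clients do.
            SSLParameters params = socket.getSSLParameters();
            params.setEndpointIdentificationAlgorithm("HTTPS");
            socket.setSSLParameters(params);

            socket.startHandshake(); // throws if chain or hostname is not accepted
            for (Certificate c : socket.getSession().getPeerCertificates()) {
                if (c instanceof X509Certificate) {
                    X509Certificate x = (X509Certificate) c;
                    System.out.println("subject: " + x.getSubjectX500Principal()
                            + " | issuer: " + x.getIssuerX500Principal());
                }
            }
            System.out.println("OK: server certificate is trusted by this JVM");
        } catch (SSLException e) {
            // Typical cause: issuer of the server certificate is missing from the trust store.
            System.out.println("FAILED: " + e.getMessage());
            System.exit(1);
        }
    }
}
```

A FAILED result without the trust store options and an OK result with them indicates the JVM's default trust store does not contain the issuer of the server's certificate.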