What problem we are solving?

Configure AEM6.1 to allow authors to login to /projects.html using OKTA.

What's done?

Configured AEM6.1 author per the steps specified in the document-http://www.aemstuff.com/blogs/july/saml.html

Have we done OKTA integration with AEM6.1?

Yes; it's working in our Production environment; we created new test environment from scratch, OKTA SSO not working for the new author environment.

Issues we are facing: Not able to login to author using our network username & password.

• Apache level:
  • Browser error:

    • The requested URL /libs/granite/core/content/login.html was not found on this server.

  • Apache error log:
    • File does not exist: /var/www/html/favicon.ico, referer: http://our-host-name/libs/granite/core/content/login.html?resource=%2F&$$login$$=%24%24login%24%24&j...

• CQ Author level:
  • Server logs:

    • 05.07.2017 23:30:45.683 *WARN* [qtp535806943-32583] com.adobe.granite.auth.saml.SamlAuthenticationHandler Private key of SP not provided: Cannot sign Authn request.

    • 05.07.2017 23:32:03.085 *WARN* [qtp535806943-31835] com.adobe.granite.auth.saml.SamlAuthenticationHandler Could not retrieve SP's private key: Uninitialised key store for user authentication-service

ASK?

• What could be causing above errors? How to resolve them?
• Any known SSO bug with AEM 6.1?