Hi,
While configuring the AEM 6.1 SAML package I am receiving an error once I get back to /saml_login consumption:
com.adobe.granite.keystore.KeyStoreNotInitialisedException: Uninitialised system trust store.
As I see, there are some additional fields added to SAML configuration in AEM 6.1 compared to 5.6.
If anyone can please share what needs to be entered for these values and how to get the values for the same, like IDP Certificate Alias, SP Private Key Alias, Password of keystore, and which of these values are mandatory.
Any input is welcome.
\Amit
Logs below:
02.04.2015 08:39:13.455 *WARN* [qtp1468301140-375] com.adobe.granite.auth.saml.SamlAuthenticationHandler Could not retrieve SP's private key: Uninitialised key store for user authentication-service
02.04.2015 08:39:13.455 *WARN* [qtp1468301140-375] com.adobe.granite.auth.saml.SamlAuthenticationHandler Private key of SP not provided: Cannot sign Authn request.
Are you following AEM docs for this use case? For example, https://helpx.adobe.com/experience-manager/kb/saml-demo.html.
Yes @smacdonald2008. I did that, and I have this working on AEM 5.6 and 6 with SP1 instances earlier, but this issue that I am facing is specific to AEM 6.1.
I followed the steps mentioned at the below link and the error has changed from "Uninitialised system trust store" to "Could not read IdP certificate from truststore".
I have received a meta file from the IDP containing a DER certificate and some other settings. So don't really know which certificate to add and where.
Any help?
SAML logs listed here:
02.04.2015 14:11:25.006 *ERROR* [qtp1468301140-399] com.adobe.granite.auth.saml.binding.PostBinding Unable to receive SAML message. Could not read IdP certificate from truststore.
02.04.2015 14:11:25.006 *ERROR* [qtp1468301140-399] com.adobe.granite.auth.saml.SamlAuthenticationHandler SAML response parameter was not provided or invalid.
02.04.2015 14:11:25.015 *WARN* [qtp1468301140-399] com.adobe.granite.auth.saml.SamlAuthenticationHandler Private key of SP not provided: Cannot sign Authn request.
If the documentation is not clear (it looks like that since you stated: so don't really know which certificate to add and where) and leads to mistakes - open a ticket here:
https://helpx.adobe.com/marketing-cloud/experience-manager.html
Log a bug against the docs and get official help for your use case.
Just curious if this was resolved...? I am facing the same issue.
Please follow the tutorial below to set the additional configuration for 6.1:
http://www.aemstuff.com/blogs/july/saml.html
After making these changes this should work.
Yes, I'm aware of the articles suggested and have followed their steps. To be more accurate, we had SAML set up and working by following these instructions. But at some point (I'm not sure when/why) it broke, and now we just receive the uninitialised system trust store error. It's not entirely clear to me what the error means; I have created the trust store and can still view it. How does it become initialized? Does it ever need to be "re-initialized", for instance after a system change, hot fix install, etc.? Also, I thought I would try removing and re-creating the trust store, but I cannot figure out how to remove it. Is there a way?