Policy Server Guides › Policy Server Configuration Guide › Troubleshooting SSL Authentication Schemes › SSL Troubleshooting › SiteMinder Policy Should Allow Access, but SSL-Authentication Failed Message Received
SiteMinder Policy Should Allow Access, but SSL-Authentication Failed Message Received
In this situation, there is a Policy that is being called, but the user is incorrectly being denied access. This can result from a number of configuration errors. Common errors include:
- The SSL Server is not configured to Require Client Certificates. Therefore, the client is not passing a certificate; thereby disabling SiteMinder authentication process. You can verify this is the situation by enabling the logging option in the Web Agent. The log should indicate that the user is unknown. To correct this problem, turn on Require Certificates in the SSL Web Server.
- The Policy was not created properly. Check the Policy's users and be sure that the selection is correct.
- For Apache Web server, ensure the SSL Verify Depth is set properly and uncommented.