HTTP 500 "Page Cannot Be Displayed" When Attempting X509 Certificate SSO Login Using IE Browser (Doc ID 1213987.1)

Last updated on DECEMBER 02, 2014

Applies to:

Oracle Application Server Single Sign-On - Version 10.1.2 to 10.1.4.3 [Release 10gR2 to 10gR3]
Information in this document applies to any platform.
***Checked for relevance on 02-DEC-2014***

Symptoms

1. 10g OSSO has been SSL enabled using a PKI x509 certificate ( DoD CAC authentication )

2. The choice of client browser is IE (Internet Explorer) version 6.

3. Both OID standard users and Admin users are unable to log in via SSO Administration Page ( /pls/orasso) or OIDDAS (/oiddas) or any other SSO partner application.

4. If using IE with browser setting "Show Friendly HTTP error messages" turned off, IE presents a "Download Page" dialogue for the file index.jsp.

5. If IE setting "Show Friendly HTTP error messages" is turned on, IE returns a generic HTTP 500 "Page Cannot Be Displayed" message.

6. The same problem may also be experienced if custom jsp files have been put in place to implement, for example, an SSO Account Self Registration routine.

7. When any user tries to access any SSO partner application, SSO Admin page or OIDDAS, a browser pop-up window is displayed to select user certificate to authenticate. Once the user selects a certificate to use, instead of redirecting to the SSO partner application the issue is reproduced.

Following image displays pop-up window to select user certificate when trying to access /oiddas:

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms