scim-rp.jks file

By: Kevin Madhu user 07 Jul 2016 at 5:55 a.m. CDT

6 Responses
Kevin Madhu gravatar
Hi, I'm trying to use the scim api for user management. But I'm currently not able to run the test code provided in the https://www.gluu.org/docs/integrate/scimuma-howto/. The code compile but exits on an exception, "Caused by: java.security.KeyStoreException: Uninitialized keystore". I assigned the **umaAatClientJksPath** as the path for **scim-rp-openid-keys.json**, but I think I'm supposed to provide **_scim-rp.jks_**, but I can't find the file anywhere on the gluu server.
U1404
closed

Answers

By Valentino Pecaoco user 07 Jul 2016 at 8:59 a.m. CDT

Copy
Valentino Pecaoco gravatar
Hi Kevin, The latest instructions on the `scim-rp.jks` file covers CE v2.4.4 which will be released around 7/15 - 7/18. The doc just got a little ahead this time :) So for v2.4.3 the procedure should be as before, i.e., [Can't consume Gluu Server SCIM API](https://support.gluu.org/other/cant-consume-gluu-server-scim-api-2608) > "Caused by: java.security.KeyStoreException: Uninitialized keystore" I think you forgot this? > Add your domain's SSL certificate to the JRE's cacerts certificate key store where your client application will run. There are lots of articles around the Web on how to do this.

By Kevin Madhu user 07 Jul 2016 at 9:09 a.m. CDT

Copy
Kevin Madhu gravatar
Hi, That's funny, usually it's the other way around :) I have already added the certificate for the locally hosted glue server to the java key store. So, you're saying it's got nothing to do with scim-rp-openid-keys.json file I used? Or should I use the earlier version of the test code?

By Valentino Pecaoco user 07 Jul 2016 at 9:19 a.m. CDT

Copy
Valentino Pecaoco gravatar
Maybe there are duplicate certificates which causes the error, e.g., [Solving java.security.KeyStoreException: Uninitialized keystore Exception | Weblogic](http://www.techpaste.com/2013/05/solving-java-security-keystoreexception-uninitialized-keystore-exception-weblogic/) > While debugging we found that 2 certificates were added with different alias so one server was failing to load as the other was having lock on it. We removed the duplicate and all started working.

By Kevin Madhu user 08 Jul 2016 at 1:01 a.m. CDT

Copy
Kevin Madhu gravatar
Hi Valentino, I checked the source code for the ScimTest and to me(I'm no java guy :) it looked like the source code around how the keys are used has changed. Anyways, can u please help me out with something? What I really need to know is how i can extract the clientSecret from scim-rp-openid-keys.json for me to consume scim api using another client. I was not able to find out how the file was interpreted to get the clientSecret.

By Valentino Pecaoco user 08 Jul 2016 at 1:09 a.m. CDT

Copy
Valentino Pecaoco gravatar
Did you check "master"? It is for v2.4.4, which is unreleased yet. You should check the "version_2.4.3" branch instead.

By Kevin Madhu user 08 Jul 2016 at 6:14 a.m. CDT

Copy
Kevin Madhu gravatar
Got my first token! Yay! Thanks. :)

Post an answer