We have a working siteminder web-agent for x509 cert auth and trying to move it from iplanet to apache.
apache is set for 2 way ssl and to authenticates the client, so if we try an unprotected resource we are prompted for client auth (which is a client cert installed on the browser)and able to access the resource.
When accessing a protected resource, user is prompted for client cert but we can see in agent trace logs that certificate details are not captured.
there is no error in trace logs and it shows success in capturing cert details but certificate details captured is actually blank .
[Date][Time][Pid][Tid][TransactionID][Function][Message][CertSerial][SubjectDN][IssuerDN][UserDN][User]
[====][====][===][===][=============][========][=======][==========][=========][========][======][====]
[01/03/2018][13:05:32][1570][3728463840][430f4b0a-0622-5a4c3a6b-de3bd7e0-7e8bf6aee43][SmScc::getCredentials][Certificate present][][][][][]
[01/03/2018][13:05:32][1570][3728463840][430f4b0a-0622-5a4c3a6b-de3bd7e0-7e8bf6aee43][SmScc::getCredentials][Success in collecting credentials.][][][][][]
[01/03/2018][13:05:32][1570][3728463840][430f4b0a-0622-5a4c3a6b-de3bd7e0-7e8bf6aee43][AuthenticateUser][User 'unknown' is not authenticated by Policy Server.][][][][][]
Policy server logs not here but shows blank user while processing authentication request.
Apache error log shows cert read correctly.
[Wed Jan 03 13:05:30 2018] [debug] ssl_engine_kernel.c(1306): [client 10.111.6.28] Certificate Verification: depth: 1, subject: /C=AU/O=Test Corporation Limited, ACN 777 777 777/OU=Test, issuer: /C=AU/O=Test Corporation Limited, ACN 777 777 777/OU=Test
[Wed Jan 03 13:05:30 2018] [debug] ssl_engine_kernel.c(1306): [client 10.111.6.28] Certificate Verification: depth: 0, subject: /C=AU/L=Test Online Customer/CN=TEST ANKUR/serialNumber=
E7777777248S2, issuer: /C=AU/O=Test Corporation Limited, ACN 777 777 777/OU=Test
browser recieves a http 403 for this URL
https://testx509.test.com.au/siteminderagent/cert/1514902324/smgetcred.scc?TYPE=16777244&REALM=$SM$%2fTEST%20[01%3a12%3a04%3a2020]&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$2I2DJhrj9QLKt%2bTaH4F%2breuqPkV3rDfY2rKi2vmhTHF1mo63weVxtdhGVVijj43C&TARGET=$SM$https%3a%2f%2fsomething%2etest%2ecom%2ftestapp%2ftest%2ejsp
complete webagent trace logs here .
[Date][Time][Pid][Tid][TransactionID][Function][Message][CertSerial][SubjectDN][IssuerDN][UserDN][User]
[====][====][===][===][=============][========][=======][==========][=========][========][======][====]
[01/03/2018][13:05:31][1570][3728463840][][Initialize][High Level Agent Initialized.][][][][][]
[01/03/2018][13:05:31][1570][3728463840][430f4b0a-0622-5a4c3a6b-de3bd7e0-7e8bf6aee43][ProcessRequest][Start new request.][][][][][]
[01/03/2018][13:05:31][1570][3728463840][][CSmApache22WebFilterCtxt::SetP3PCompactPolicy][P3PCompactPolicy : ''][][][][][]
[01/03/2018][13:05:31][1570][3728463840][430f4b0a-0622-5a4c3a6b-de3bd7e0-7e8bf6aee43][CSmHttpPlugin::ProcessResource][Resolved HTTP_HOST: 'testx509.test.com.au'.][][][][][]
[01/03/2018][13:05:31][1570][3728463840][][Entered CSmHttpPlugin::ResolveFQServerName sHost: ][testx509.test.com.au][][][][][]
[01/03/2018][13:05:31][1570][3728463840][430f4b0a-0622-5a4c3a6b-de3bd7e0-7e8bf6aee43][CSmHttpPlugin::ProcessResource][Resolved hostname: 'testx509.test.com.au'.][][][][][]
[01/03/2018][13:05:31][1570][3728463840][][CSmHttpPlugin::ResolveAgentName][ServerIP is empty.][][][][][]
[01/03/2018][13:05:31][1570][3728463840][][CSmHttpPlugin::ResolveAgentName][DNSLookupDisabled or lookup failed for host 'testx509.test.com.au'][][][][][]
[01/03/2018][13:05:31][1570][3728463840][430f4b0a-0622-5a4c3a6b-de3bd7e0-7e8bf6aee43][CSmHttpPlugin::ProcessResource][Resolved agentname: 'clientsslscithe'.][][][][][]
[01/03/2018][13:05:31][1570][3728463840][][CSmHttpPlugin::ResolveClientIp][Resolved Client IP address '10.111.6.28'.][][][][][]
[01/03/2018][13:05:31][1570][3728463840][430f4b0a-0622-5a4c3a6b-de3bd7e0-7e8bf6aee43][CSmHttpPlugin::ProcessResource][Resolved URL: '/siteminderagent/cert/1514945789/smgetcred.scc?TYPE=1677
7244&REALM=$SM$%2fTEST%20[13%3a16%3a29%3a2459]&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$2I2DJhrj9QLKt%2bTaH4F%2breuqPkV3rDfY2rKi2vmhTHF1mo63weVxtdhGVVijj43C&TARGET=$SM$https%3a%2f%2fsomething%2etest%2ecom%2ftestapp%2ftest%2ejsp'.][][][][][]
[01/03/2018][13:05:31][1570][3728463840][][CSmHttpPlugin::AutoAuthorizedUrl][Auto-authorizing resource, matches IgnoreExt filter.][][][][][]
[01/03/2018][13:05:31][1570][3728463840][430f4b0a-0622-5a4c3a6b-de3bd7e0-7e8bf6aee43][CSmHttpPlugin::ProcessResource][Autoauthorizing URL : 'https://testx509.test.com.au/siteminderagent
/cert/1514945789/smgetcred.scc?TYPE=16777244&REALM=$SM$%2fTEST%20[13%3a16%3a29%3a2459]&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=$SM$2I2DJhrj9QLKt%2bTaH4F%2breuqPkV3rDfY2rKi2vmhTHF1mo63weVxtdhG
VVijj43C&TARGET=$SM$https%3a%2f%2fsomething%2etest%2ecom%2ftestapp%2ftest%2ejsp' , Method: 'GET' ][][][][][]
[01/03/2018][13:05:31][1570][3728463840][430f4b0a-0622-5a4c3a6b-de3bd7e0-7e8bf6aee43][CSmHttpPlugin::ProcessResource][Resolved METHOD: 'GET'.][][][][][]
[01/03/2018][13:05:31][1570][3728463840][430f4b0a-0622-5a4c3a6b-de3bd7e0-7e8bf6aee43][CSmHttpPlugin::ProcessResource][Resolved cookie domain: '.test.com.au'.][][][][][]
[01/03/2018][13:05:31][1570][3728463840][430f4b0a-0622-5a4c3a6b-de3bd7e0-7e8bf6aee43][CSmSessionManager::EstablishSession][No plugins responded, returning SmNoAction.][][][][][]
[01/03/2018][13:05:31][1570][3728463840][430f4b0a-0622-5a4c3a6b-de3bd7e0-7e8bf6aee43][ProcessRequest][ProtectionManager returned SmNo, end new request.][][][][][]
[01/03/2018][13:05:31][1570][3728463840][430f4b0a-0622-5a4c3a6b-de3bd7e0-7e8bf6aee43][ProcessAdvancedAuthentication][Start new request.][][][][][]
[01/03/2018][13:05:31][1570][3728463840][][CSmHttpPlugin::ResolveClientIp][Resolved Client IP address '10.111.6.28'.][][][][][]
[01/03/2018][13:05:31][1570][3728463840][430f4b0a-0622-5a4c3a6b-de3bd7e0-7e8bf6aee43][SmAdvancedAuthCore::parseTargetUrl][Resolved cookie domain '.test.com.au'.][][][][][]
[01/03/2018][13:05:32][1570][3728463840][430f4b0a-0622-5a4c3a6b-de3bd7e0-7e8bf6aee43][IsResourceProtected][Resource is protected from Policy Server.][][][][][]
[01/03/2018][13:05:32][1570][3728463840][430f4b0a-0622-5a4c3a6b-de3bd7e0-7e8bf6aee43][CSmHttpPlugin::ProcessResponses][Processing IsProtected responses.][][][][][]
[01/03/2018][13:05:32][1570][3728463840][430f4b0a-0622-5a4c3a6b-de3bd7e0-7e8bf6aee43][SmScc::getCredentials][Certificate present][][][][][]
[01/03/2018][13:05:32][1570][3728463840][430f4b0a-0622-5a4c3a6b-de3bd7e0-7e8bf6aee43][SmScc::getCredentials][Success in collecting credentials.][][][][][]
[01/03/2018][13:05:32][1570][3728463840][430f4b0a-0622-5a4c3a6b-de3bd7e0-7e8bf6aee43][AuthenticateUser][User 'unknown' is not authenticated by Policy Server.][][][][][]
[01/03/2018][13:05:32][1570][3728463840][430f4b0a-0622-5a4c3a6b-de3bd7e0-7e8bf6aee43][CSmHttpPlugin::ProcessResponses][Processing Authentication responses.][][][][][]
[01/03/2018][13:05:32][1570][3728463840][430f4b0a-0622-5a4c3a6b-de3bd7e0-7e8bf6aee43][ProcessAdvancedAuthentication][AuthenticationManager returned SmNo or SmNoAction, calling ChallengeMana
ger.][][][][][]
[01/03/2018][13:05:32][1570][3728463840][430f4b0a-0622-5a4c3a6b-de3bd7e0-7e8bf6aee43][CSmHttpCredCore::ProcessCertOnlyExit][Invalid certificate credentials.][][][][][]
[01/03/2018][13:05:32][1570][3728463840][430f4b0a-0622-5a4c3a6b-de3bd7e0-7e8bf6aee43][ProcessAdvancedAuthentication][Challenge Manager returned SmExit, Time to challenge.][][][][][]
Appreciate any help /idea where to check