000022215 - Token Decryption Errors in RSA ClearTrust AServer log when using multiple application pools with central logon

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 22, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000022215
Applies ToRSA ClearTrust Agent 4.6 for Microsoft IIS 6.0
Microsoft Windows 2000 Professional SP4
IssueToken Decryption Errors in RSA ClearTrust AServer log when using multiple application pools with central logon
CauseIt is possible to configure the RSA ClearTrust Agent to ensure that each virtual host can have a separate application pool defined. Technically, the AServers in these pools do not need to belong to the same ClearTrust installation, but running in this mode is not supported. If the AServers do not belong to the same ClearTrust installation, Single Sign-on (SSO) is not possible between the 2 virtual hosts because the cookies cannot be decrypted.
ResolutionTo correct this issue, ensure that all application pools defined for a single instance of RSA ClearTrust Agent 4.6 for Microsoft IIS 6.0 belong to the same ClearTrust installation.
Legacy Article IDa27486

Attachments

    Outcomes