RSA Access Manager CERTIFICATE authentication does not work with Protocol Transition
Originally Published: 2013-07-03
Article Number
Applies To
RSA Product/Service Type: Access Manager Agent
RSA Version/Condition: 4.9.3
Platform: IIS 7
Issue
The following error is seen in the browser:
401.3 Unauthorized
The error message in the agent log at debug level shows:
2013-07-03 12:17:06 -0500 - [736] - <Security> - Session has idled out.
2013-07-03 12:17:06 -0500 - [2996] - <Debug> - Response: 401
Cause
Resolution
Change the setting for cleartrust.agent.iis.preproc_auth_enabled=TRUE. This changes the authentication event from the IIS OnPostAuthenticateRequest event to the BEGIN_REQUEST notification event.
Related Articles
Conditional transition type settings are not listing operand values for comparison field in RSA Identity Governance and Li… Number of Views Button Transition cannot be selected, modified nor deleted in RSA Governance & Lifecycle Number of Views Unable to save workflows with unconditional transition using RSA Identity Management and Governance Number of Views Protocol Transition fails and the user gets a 401 unauthorized message Number of Views Error message on RSA Identity Management and Governance workflow: requires at least one valid outbound transition path but… Number of Views
Trending Articles
Downloading RSA Authentication Manager license files or RSA Software token seed records RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory Mandatory Certificate Upgrade Required by 6th October 2025 for RSA MFA Agent for PAM, RSA MFA Agent for Apache, and Third … RSA Authentication Manager 8.9 Release Notes (January 2026)
Don't see what you're looking for?
