|
|
|
Error Message: "Invalid or missing authorization token"
Technical Note 1956
Last Reviewed 10-May-2007
Applies To
Reflection for the Web 2008 (All Editions except Standard)
Reflection for the Web version 9.x
Summary
Technical Note 1956
Last Reviewed 10-May-2007
Applies To
Reflection for the Web 2008 (All Editions except Standard)
Reflection for the Web version 9.x
Summary
After upgrading Reflection for the Web, you may receive an error message when trying to make a secure connection. The error message may read, "Missing authorization token," "Invalid or missing authorization token," or "A proxy server authorization token was requested from the Reflection server but invalid data was received." This technical note outlines the steps to correct this issue.
Background
After you upgrade to Reflection for the Web 9.0 or higher, you may receive an error message when you try to make a secure connection. Beginning in version 9.0, the expiration date of the management server certificate is being checked. Since certificates are retained during the upgrade process, if the management server certificate is expired, the security proxy authorization token (that is signed by the management server certificate) will result in invalid or missing authorization token error messages. Prior to version 9.0, the expiration date of the management server certificate was not being checked, so you may not have been aware that the management server certificate had expired.
Generating a New Management Server Certificate
To eliminate the error messages, follow the steps below to generate a new management server certificate.
- Launch the Administrative WebStation and go to Security Setup > Certificates tab.
- Under Administer Reflection Management Server Certificate, check the Certificate status. If the certificate has expired, continue with the remaining steps.
- Select "Delete the self-signed server certificate" and follow the prompts to delete it. (If the certificate is not a self-signed certificate, you will need to obtain a new CA-signed certificate and import it. Continue with step 5 after obtaining a new CA-signed certificate).
- Select "Generate a new self-signed server certificate." Complete and submit the self-signed certificate form.
- Import the Management Server Certificate to the Security Proxy:
- Launch the Security Proxy Wizard.
- On the Trusted Certificates tab, you can import a trusted certificate from a file or directly from the management server over the network. Import the generated certificate from the Reflection management server over the network.
- Click Import, and then click the Server button.
- Specify (or accept the defaults for) the Reflection management server address, the management server (not the proxy server) HTTP port number, the servlet context, and the friendly name of the Reflection management server.
- The context name is used in the URL that accesses the management server, and it is often—although not always—the same as the directory within which the management server is installed. The default context name is rweb.
- Click OK.
