How To
ForgeRock Identity Platform
Does not apply to Identity Cloud

How do I enable message level debugging for ssoadm in AM (All versions)?

Last updated Apr 13, 2021

The purpose of this article is to provide information on enabling message level debugging for ssoadm in AM. Message level debugging can be useful when troubleshooting ssoadm issues. Additionally, you can enable SSL debug logging if you access the configuration store and/or AM instance using a SSL/TLS secured connection.


4 readers recommend this article

Enabling message level debugging

You can enable message level debugging in ssoadm as follows:

  1. Add the following JVM option to the ssoadm or ssoadm.bat script: -D"com.iplanet.services.debug.level=message" \
  2. Delete the contents of the /debug directory; the /debug directory is specified during the installation of the ssoadm administration tool. You can confirm which directory this is by checking the value of the following JVM option in the ssoadm or ssoadm.bat script: -D"com.iplanet.services.debug.directory=YOUR_DEBUG_FOLDER_PATH" \
  3. Re-attempt the ssoadm command that was causing issues to obtain more detailed debug information; this is logged to the /debug directory. 

Enabling SSL debug logging

You can enable SSL debug logging by adding the following JVM option to the ssoadm or ssoadm.bat script:

-D"javax.net.debug=SSL" \

SSL debugging information is output to the command line providing you access the configuration store and/or AM instance using a SSL/TLS secured connection.

See Also

ssoadm fails in AM (All versions) with FATAL ERROR: Cannot obtain Application SSO token

FAQ: Installing and using ssoadm in AM

Related Training

N/A

Related Issue Tracker IDs

N/A


Copyright and Trademarks Copyright © 2021 ForgeRock, all rights reserved.