IBM Verify

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.


SAML SSO with ISVA IDP is broken after redeploying lightweight containers.

  • 1.  SAML SSO with ISVA IDP is broken after redeploying lightweight containers.

    Posted Tue February 08, 2022 05:43 AM
    Edited by Jon Harry Tue February 08, 2022 05:47 AM
    I have a SAML SSO environment in which ISVA 10.0.3 is configured as the IdP and the reverse proxy server is the point of contact. Everything was working fine apart from the timezone difference. When the ISVA containers are deployed, by default they are configured with the UTC time zone despite the fact that I added -e CONTAINER_TIMEZONE=America/Los_Angeles to the docker run command.
    To fix this problem I added the -v /etc/timezone:/etc/timezone:ro -v /etc/localtime:/etc/localtime:ro parameters to the docker run command. This sets the timezone and time the same as on the container host. This also matches the SAML SSO environment's timezone.
    I have re-deployed the ISVA containers with these parameters added, but this broke the SAML request.
    When I connect to my protected application in the browser, I now get this error after logging in to the IdP and being redirected back to the SP:
    FBTSPS122E The Tivoli Federated Identity Manager runtime components are not initialized.

    I have confirmed that all configurations in the Federation and reverse proxy server are preserved after re-deploying all ISVA containers: wrp, config, Postgres, OpenLDAP, runtime.

    I would very much appreciate it if anyone has an idea what might cause this issue and where I should start looking to fix it.

    ------------------------------
    IRINA CHVETS
    ------------------------------
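The post above aligns the container clock with the host because SAML relies on the IdP and SP agreeing on the time: an assertion carries a NotBefore/NotOnOrAfter window, and a verifying party whose clock is off (or which reads a timestamp in the wrong zone) rejects otherwise valid assertions. The following is an added illustration of that check, written for this thread; it is not ISVA code, and the assertion fragment, the namespace-only parsing and the 60-second skew tolerance are constructed assumptions.

```python
"""Added example (not from the thread, not ISVA code): validate a SAML
assertion's Conditions window against the verifying party's clock with a
skew tolerance, and show how a mis-set clock or timezone makes it fail."""
from datetime import datetime, timedelta, timezone
import xml.etree.ElementTree as ET

SAML_NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample assertion fragment (not a captured message). The IdP
# issued it in UTC, as SAML requires; window is 10 minutes.
SAMPLE_ASSERTION = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Conditions NotBefore="2022-02-08T13:43:00Z"
                   NotOnOrAfter="2022-02-08T13:53:00Z"/>
</saml:Assertion>"""


def parse_saml_time(value):
    """Parse a SAML xs:dateTime (UTC, trailing 'Z') into an aware datetime."""
    if value.endswith("Z"):
        value = value[:-1] + "+00:00"  # older Pythons don't accept 'Z'
    dt = datetime.fromisoformat(value)
    if dt.tzinfo is None:
        raise ValueError("SAML timestamps must carry a timezone")
    return dt.astimezone(timezone.utc)


def check_conditions(assertion_xml, now, skew=timedelta(seconds=60)):
    """Return (ok, reason) for the assertion's validity window.

    `now` must be timezone-aware so that a host whose zone is set wrongly
    cannot silently be compared as if it were UTC.
    """
    if now.tzinfo is None:
        raise ValueError("verifier clock must be timezone-aware")
    now = now.astimezone(timezone.utc)

    root = ET.fromstring(assertion_xml)
    cond = root.find("saml:Conditions", SAML_NS)
    if cond is None:
        return (False, "no Conditions element")

    not_before = cond.get("NotBefore")
    not_on_or_after = cond.get("NotOnOrAfter")

    # Allow `skew` of clock difference on both edges of the window.
    if not_before and now + skew < parse_saml_time(not_before):
        return (False, "assertion not yet valid")
    if not_on_or_after and now - skew >= parse_saml_time(not_on_or_after):
        return (False, "assertion expired")
    return (True, "ok")


if __name__ == "__main__":
    utc = timezone.utc
    pacific = timezone(timedelta(hours=-8))  # constructed: host in UTC-8
    # Correct clock, correctly labelled zone: accepted either way.
    print(check_conditions(SAMPLE_ASSERTION, datetime(2022, 2, 8, 13, 45, tzinfo=utc)))
    print(check_conditions(SAMPLE_ASSERTION, datetime(2022, 2, 8, 5, 45, tzinfo=pacific)))
    # Same wall-clock reading but the zone was left at UTC: rejected.
    print(check_conditions(SAMPLE_ASSERTION, datetime(2022, 2, 8, 5, 45, tzinfo=utc)))
```

The last call models the situation the post describes: a container whose wall clock shows local time but whose zone is still UTC presents an 8-hour error to the peer, far outside any reasonable skew allowance, so assertions are rejected even though both sides are "on time" by their own reading.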


  • 2.  RE: SAML SSO with ISVA IDP is broken after redeploying lightweight containers.

    Posted Tue February 08, 2022 03:08 PM

    Irina,

    Have you taken a look at the logs of the SP runtime container? Hopefully, there is something in the log file to give an indication as to why the SP runtime has not initialised.


    Scott A. Exton
    Senior Software Engineer
    Chief Programmer - IBM Security Verify Access

    IBM Master Inventor