Hi Sundar,
The Signature tab in the relying party's properties refers to the SP certificate that's used to verify signatures on messages received from the SP.
If no certificate is configured under the Signature tab, ADFS doesn't expect the SAML authn request sent by the SP to be signed. Any signature that is included is ignored. SAML SSO will continue to work.
The SAML assertion sent to the SP is signed using ADFS's private key. This is not part of the relying party configuration.
If you want to confirm the SAML assertion signature is being verified correctly, change the partner identity provider's certificate in your SAML configuration (eg saml.config) to something like the sp.cer that we ship. SSO should fail as the signature won't verify.
Regards ComponentSpace Development
|