ComponentSpace

Forums



The SAML assertion signature failed to verify


The SAML assertion signature failed to verify

Author
Message
boyd98
boyd98
New Member
New Member (41 reputation)New Member (41 reputation)New Member (41 reputation)New Member (41 reputation)New Member (41 reputation)New Member (41 reputation)New Member (41 reputation)New Member (41 reputation)New Member (41 reputation)

Group: Forum Members
Posts: 29, Visits: 155
All of a sudden one of my clients reported SSO pass-through issues.

idp.log:

ComponentSpace.SAML2 Verbose: 0 : 1864/41: 6/17/2020 3:28:08 PM: Retrieving the signature certificates for the partner identity provider http://sso.blah.net/adfs/services/trust.
ComponentSpace.SAML2 Verbose: 0 : 1864/41: 6/17/2020 3:28:08 PM: The X.509 certificate with subject name CN=ADFS Signing - sso.blah.net and serial number ########### has been retrieved from the cache.
ComponentSpace.SAML2 Verbose: 0 : 1864/41: 6/17/2020 3:28:08 PM: The X.509 certificate with subject name CN=ADFS Signing - sso.blah.net and serial number  ########### is being used to verify the XML signature.
ComponentSpace.SAML2 Verbose: 0 : 1864/41: 6/17/2020 3:28:08 PM: Verifying the XML signature.
ComponentSpace.SAML2 Verbose: 0 : 1864/41: 6/17/2020 3:28:08 PM: Failed to verify the XML signature.

App log
: The SAML assertion signature failed to verify

Just want to get in front of any issue on my side.

My interpretation of the errors is the certificate that I have stored on my side no longer properly handshakes with the certificate on their side.
I've ask they confirm the serial number provided in my error log (the serial number / certificate saved in my application) and verify it matches what is coming from:  http://sso.blah.net/adfs/services/trust.

Might be a common sense question that yes, this is what the issue is....
Just wanted to confirm and get thoughts in case it may be any other issue.

ComponentSpace.SAML2  2.8.8.0


ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.2K reputation)ComponentSpace Development (4.2K reputation)ComponentSpace Development (4.2K reputation)ComponentSpace Development (4.2K reputation)ComponentSpace Development (4.2K reputation)ComponentSpace Development (4.2K reputation)ComponentSpace Development (4.2K reputation)ComponentSpace Development (4.2K reputation)ComponentSpace Development (4.2K reputation)

Group: Administrators
Posts: 3K, Visits: 10K
It will almost certainly be a configuration mismatch of the partner certificate.

Please send the SAML log file as an email attachment to [email protected] mentioning your post. We can take a look at the certificate embedded in the signature and compare it with the configured certificate.

Regards
ComponentSpace Development
GO


Similar Topics


Execution: 0.000. 2 queries. Compression Enabled.
Login
Existing Account
Email Address:


Password:


Social Logins

Select a Forum....












Forums, Documentation & Knowledge Base - ComponentSpace


Search