I inherited ComponentSpace from my dev team and cannot understand how to correctly bind the certificate to sign correctly. We've updated our public certificate and everything except assertions requiring a signature is working. All Service Partners, IP, and IDP function just fine, but when I go to sign an assertion the code breaks down for crypto reasons.
What certificate is used in the signing process? The IDP PFX? Should this be converted to PFX from a PEM or specific format? Should it include public and private keys?
4/22/2022 11:27:27 AM : - RxFormsController:OASSO() : Exception occurred for user CV*******.
System Message :
Exception Message : Failed to generate XML signature.
Exception Message : Invalid algorithm specified.
Stack Trace :
   at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr)
   at System.Security.Cryptography.Utils.SignValue(SafeKeyHandle hKey, Int32 keyNumber, Int32 calgKey, Int32 calgHash, Byte[] hash, Int32 cbHash, ObjectHandleOnStack retSignature)
   at System.Security.Cryptography.Utils.SignValue(SafeKeyHandle hKey, Int32 keyNumber, Int32 calgKey, Int32 calgHash, Byte[] hash)
   at System.Security.Cryptography.RSACryptoServiceProvider.SignHash(Byte[] rgbHash, Int32 calgHash)
   at System.Security.Cryptography.Xml.SignedXml.ComputeSignature()
   at ComponentSpace.SAML2.Utility.XmlSignature.Generate(XmlElement xmlElement, String elementId, AsymmetricAlgorithm signingKey, KeyInfo keyInfo, SignedXml signedXml, String inclusiveNamespacesPrefixList, String digestMethod, String signatureMethod)
Stack Trace :
   at ComponentSpace.SAML2.Utility.XmlSignature.Generate(XmlElement xmlElement, String elementId, AsymmetricAlgorithm signingKey, KeyInfo keyInfo, SignedXml signedXml, String inclusiveNamespacesPrefixList, String digestMethod, String signatureMethod)
   at ComponentSpace.SAML2.InternalSAMLIdentityProvider.CreateSAMLResponse(String userName, SAMLAttribute[] attributes, Status status, String assertionConsumerServiceUrl)
   at ComponentSpace.SAML2.InternalSAMLIdentityProvider.InitiateSSO(HttpResponseBase httpResponse, String userName, SAMLAttribute[] attributes, String relayState, String partnerSP, String assertionConsumerServiceUrl)
   at ComponentSpace.SAML2.SAMLIdentityProvider.InitiateSSO(HttpResponseBase httpResponse, String userName, IDictionary`2 attributes, String relayState, String partnerSP)
   at ProviderPortal.Controllers.PageControllers.Authorization.RxFormsController.OASSO(String id, String memberId)
Any help appreciated. Also sent an email in for support.