Missing or invalid signature on assertion
Nate Klingenstein
ndk at internet2.edu
Wed Aug 29 15:02:16 EDT 2012
Wavyne,
> It appears that our metadata cert doesn't match the SAML assertion
> cert that is being transmitted. Can something explain why this has
> occurred and what can be done to fix it?
You can check the certificate that is being used by the IdP by looking
at the certificate subelement of <security:Credential
id="IdPCredential" xsi:type="security:X509Filesystem"> in relying-
party.xml. You'll need to compare that certificate to the one in the
metadata file you supplied to the PingFederate SP. You can make sure
they match by updating one, the other, or both.
Let us know if we can help further,
Nate.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20120829/7b842916/attachment.html
More information about the users
mailing list