Missing or invalid signature on assertion
ndk at internet2.edu
Wed Aug 29 15:02:16 EDT 2012
> It appears that our metadata cert doesn't match the SAML assertion
> cert that is being transmitted. Can something explain why this has
> occurred and what can be done to fix it?
You can check the certificate that is being used by the IdP by looking
at the certificate subelement of <security:Credential
id="IdPCredential" xsi:type="security:X509Filesystem"> in relying-
party.xml. You'll need to compare that certificate to the one in the
metadata file you supplied to the PingFederate SP. You can make sure
they match by updating one, the other, or both.
Let us know if we can help further,
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the users