Unable to encrypt assertion

Chris Hanson chris at blueearth.net
Tue Jan 24 14:59:30 GMT 2012

Hi all,

I'm attempting to set up a Shibboleth SP for a current project. The IdP is
run by a state University and the test instance of my SP is on a sandbox
with no external DNS. When I hit my site in the browser I am forwarded to
the university's login page as expected. However, when I provide
credentials, I am redirected back to my server with the path:


I receive the following error message:

The system encountered an error at Tue Jan 24 08:49:55 2012
To report this problem, please contact the site administrator at
chris at blueearth.net.
Please include the following message in any email:
opensaml::FatalProfileException at (
SAML response contained an error.
Error from identity provider:
*Message:* Unable to encrypt assertion

 *Status:* urn:oasis:names:tc:SAML:2.0:status:Responder

There are no recent errors at /var/log/shibboleth/shibd.log
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20120124/09eecef3/attachment.html 

More information about the users mailing list