PKIX validation of signature failed, unable to resolve valid and trusted signing key - Shibboleth Idp and Spring-Saml

Tom Scavo trscavo at
Mon Sep 8 09:17:21 EDT 2014

On Mon, Sep 8, 2014 at 9:04 AM, Thomas Jones <thomas.jones.g at> wrote:
> I loaded Shib's idp.crt file into the SP (they stored it in the KeyStore)
> but as you can see I getting a problem with the certificate.

For starters, the SP's metadata does not appear to be schema-valid.
There should be a <md:KeyDescriptor> element around <ds:KeyInfo>, I


More information about the users mailing list