PKIX validation of signature failed, unable to resolve valid and trusted signing key - Shibboleth Idp and Spring-Saml

Cantor, Scott cantor.2 at
Tue Sep 9 11:44:40 EDT 2014

On 9/9/14, 11:40 AM, "Thomas Jones" <thomas.jones.g at> wrote:
>That was the problem, although I was hoping that Shibb's IDP will give me
>a more accurate error; I'm not saying that the message was wrong, but
>that the error was more related to xml schema-valid than expire or wrong

If you want it to give you a schema error, then you have to choose to
enable that by applying a filter to the metadata. Absent that, there's
nothing it can report, all it knows is there's no key information present.

-- Scott

More information about the users mailing list