Error encrypting assertion while testing with testshib.org -
Cantor, Scott
cantor.2 at osu.edu
Wed May 13 11:33:21 EDT 2015
On 5/13/15, 2:59 PM, "Guillaume Gilbert" <Gilbert.Guillaume at lacsq.org>
wrote:
>
>1. Is there something else to do to install the unlimited strength
>policy files ?
No, that's it.
>2. Is there another cause for the illegal key size error?
I don't know, but the default algorithm used is AES-128, and that doesn't
require the stronger files. I think you need to turn up more logging for
lower layer components, and also check the logs up front for any issues
with algorithm registration.
>Notes :
>The certificates and domain are for testing purpose, nothing to hide
>there (that I know of).
Your credentials have nothing whatsoever to do with encryption by the IdP,
that isn't how RSA works. The only key from metadata involved is the SP's
(testshib's).
-- Scott
More information about the users
mailing list