Error Unable to find certificate chain

de Oliveira, Vitor vmiranda at
Wed May 25 08:19:59 EDT 2016

Hello Folks,

I am configuring Shibboleth with Apache as a Service Provider.

After installing Shibboleth and configuring files httpd.conf (Apache), apache22 and shibboleth2 (Shibboleth), deploying IdP metadata file and generating SP metadata using the Metadatagenerator handler we tried to make a connection between the IdP and SP.

We, then, had the following error:

      <exServiceHealth exHealthStatus="Warning" exServiceName="Monitored System Events">
         <exDescription exHealthStatus="Warning"><b>System Event: Time:</b> 2016-05-24 18:27:19, <b>Age:</b> 629Ms, <b>Level:</b> Functional Loss<br><b>Comments:</b><br>Unable to validate SAML2 Trusted Service Provider. The trusted relationship with this entity will not be functional!<br>Error Validating X509 Certificate of Trusted Provider<br>Trusted Provider Type: SAML2 Trusted Service Provider<br>Trusted Provider Id:<br>Error Validating X509 Signing Certificate<br>X509 Certificate Version: 3<br>X509 Certificate Subject: CN=svg.local<br>X509 Certificate Issuer: CN=svg.local<br>X509 Certificate Serial Number: 13215475894996166680<br>X509 Certificate Start Date: 2016-05-24 09:27:46<br>X509 Certificate Expiration Date: 2026-05-22 09:27:46<br>X509 Certificate Validation Root Exception: com.novell.nidp.NIDPException: Unable to find certificate chain.  Root Cause: Unable to find certificate chain.</exDescription>

I googled and it seems is a problem with the configuration regarding federated SSO. I am not sure if I configured everything I need in order to make this work.

Would someone have an idea of what might be happening/missing?


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list