sp testshib certificate validation on attribute query
rdw at steadingsoftware.com
Wed May 31 09:31:25 EDT 2017
> As you can see the ssl tomcat certificate is a certificate issued by letsencrypt.org and it's a valid certificate recognized by every browser.
It's got nothing to do with the browser nothing to do with certificate validity (in the canonical sense) and everything to do with your metadata at testshib.
> 2017-05-31 09:15:54 DEBUG XMLTooling.TrustEngine.ExplicitKey : no keys within this peer's key information matched the given end-entity certificate
The metadata doesn't have the correct key information
More information about the users