Error creating SP metadata when adding X509 certificate for encryption
Lipscomb, Gary
glipscomb at csu.edu.au
Mon Feb 26 18:52:10 EST 2018
Hi Tom,
This is their 3rd try at generating a certificate, good it's not me.
Thanks
Gary
-----Original Message-----
From: users [mailto:users-bounces at shibboleth.net] On Behalf Of Tom Scavo
Sent: Tuesday, 27 February 2018 10:45 AM
To: Shib Users <users at shibboleth.net>
Subject: Re: Error creating SP metadata when adding X509 certificate for encryption
On Mon, Feb 26, 2018 at 6:33 PM, Lipscomb, Gary <glipscomb at csu.edu.au> wrote:
>
> 2018-02-27 10:10:38,718 - ERROR [org.springframework.webflow.execution.ActionExecutionException:76] -
> org.springframework.webflow.execution.ActionExecutionException: Exception thrown executing net.shibboleth.idp.saml.saml2.profile.impl.PopulateEncryptionParameters at a1be63e in state 'OutboundContextsAndSecurityParameters' of flow 'SAML2/Unsolicited/SSO' -- action execution attributes were 'map[[empty]]'
> at org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:60)
> Caused by: org.cryptacular.StreamException: IO error
> at org.cryptacular.util.CertUtil.readCertificate(CertUtil.java:256)
> Caused by: java.io.IOException: Short read of DER length
> at sun.security.util.DerInputStream.getLength(DerInputStream.java:582)
The certificate is faulty. I copy-and-pasted the certificate into a
file and ran openssl:
$ openssl x509 -text -noout -in junk.pem
unable to load certificate
Perhaps you should let them update their metadata with an appropriate
certificate?
Tom
--
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
More information about the users
mailing list