SP metadata upload fails

Klingenstein, Nate nklingenstein at calstate.edu
Mon Jan 15 11:04:21 EST 2018


I'll take a look now.  Thanks for the report.

________________________________
From: users <users-bounces at shibboleth.net> on behalf of Dmitry Ukov <dukov at mirantis.com>
Sent: Monday, January 15, 2018 6:08:47 AM
To: users at shibboleth.net
Subject: SP metadata upload fails

Hello,
I'm trying to upload SP metadata to idp.testshib.org<http://idp.testshib.org/> via https://www.testshib.org/register.html

After clicking 'Upload file' button i'm getting response: 'Something horrible happened. Please contact the Shibboleth Users list.'

Same metadata was working previously. Could you please help with troubleshooting
Metadata:

<!--
This is example metadata only. Do *NOT* supply it as is without review,
and do *NOT* provide it in real time to your partners.
 -->
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" ID="_71a7d284562b4ee3800714d220fa14e3057244dc" entityID="http://10.10.10.3:5000/Shibboleth.sso/Metadata">

  <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
  </md:Extensions>

  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
    <md:Extensions>
      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="http://10.10.10.3:5000/Shibboleth.sso/Login"/>
    </md:Extensions>
    <md:KeyDescriptor>
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:KeyName>jse3.jaws.jio.com<http://jse3.jaws.jio.com/></ds:KeyName>
        <ds:X509Data>
          <ds:X509SubjectName>CN=jse3.jaws.jio.com<http://jse3.jaws.jio.com/></ds:X509SubjectName>
          <ds:X509Certificate>MIIC+jCCAeKgAwIBAgIJAIzxs+Cu5An9MA0GCSqGSIb3DQEBBQUAMBwxGjAYBgNV
BAMTEWpzZTMuamF3cy5qaW8uY29tMB4XDTE3MTAzMDA3MDA0MVoXDTI3MTAyODA3
MDA0MVowHDEaMBgGA1UEAxMRanNlMy5qYXdzLmppby5jb20wggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQCzgNLVVokbVbJ61rZROdTEHiDzMEWcYpDqE+9T
niYYs3pB3PiQunp12dpzcDbxkcBq76s06We9S7zaJOeUN2dbVp4KS8E57xQf0z+k
9C6dNd6spV6mcyUHynRHHXeNY/PKQd8nBe7wlIQBuCIhePSxHD7nos7vbfVIdNkH
jHwL94a5DNlD9hYeuWZp+RRe8gZESqov95ZGO+dW+Okawc5mJHRsJFDl8m+bwy6g
HzNO50dT7WUN4GV11JbnMcHzSpZ5Kz6PXXF/GeQ8FAJBrOmmB/Vk5mSz4Rdt5LBr
2vxCHdwNU658YOrfV968tagozDIAlYbesC6mQIjS3LqTRZClAgMBAAGjPzA9MBwG
A1UdEQQVMBOCEWpzZTMuamF3cy5qaW8uY29tMB0GA1UdDgQWBBRoIeOFyW++rPjD
wJ6csr/3l1wHqzANBgkqhkiG9w0BAQUFAAOCAQEALVNeElIgr+r9QoNRzES17DZC
04MxeWuorTC11WowEYXu7bP7RXyfPbMP8gk8wIcLZp7O1MDTCv8x3Sbl/cWahk/F
EJV3maJnEMYWJtMqPVBb3OwpXw1Gz5lLxVB9J+35V0t6HP/Xdtp3zB8ynKIobyuX
kOy48JwV+TbLPoo2EPC3KIYCvV8XHetjo1Y1iJwyXT5dXsWqLlvC4kvnUuyIZJaq
mSGqfjrQNsuS83vnut4jzXer5jhrPSrhN5TQPlV1bZehPMNrnzmyUoOprE3APXA6
ZvzpzAxS1Zw9rI/aKi629H6xjr01bph1QfPdiYlZOoWooQv4bTybxZOOgR4uCw==
</ds:X509Certificate>
        </ds:X509Data>
      </ds:KeyInfo>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
    </md:KeyDescriptor>
    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://10.10.10.3:5000/Shibboleth.sso/Artifact/SOAP" index="1"/>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://10.10.10.3:5000/Shibboleth.sso/SLO/SOAP"/>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://10.10.10.3:5000/Shibboleth.sso/SLO/Redirect"/>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://10.10.10.3:5000/Shibboleth.sso/SLO/POST"/>
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://10.10.10.3:5000/Shibboleth.sso/SLO/Artifact"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://10.10.10.3:5000/Shibboleth.sso/SAML2/POST" index="1"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="http://10.10.10.3:5000/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://10.10.10.3:5000/Shibboleth.sso/SAML2/Artifact" index="3"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="http://10.10.10.3:5000/Shibboleth.sso/SAML2/ECP" index="4"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://10.10.10.3:5000/Shibboleth.sso/SAML/POST" index="5"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="http://10.10.10.3:5000/Shibboleth.sso/SAML/Artifact" index="6"/>
  </md:SPSSODescriptor>

</md:EntityDescriptor>

--
Kind regards
Dmitry Ukov
Principal Deployment Engineer
Mirantis, Inc.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20180115/6e3f0f76/attachment-0001.html>


More information about the users mailing list