SP metadata upload fails
Klingenstein, Nate
nklingenstein at calstate.edu
Mon Jan 15 11:04:21 EST 2018
I'll take a look now. Thanks for the report.
________________________________
From: users <users-bounces at shibboleth.net> on behalf of Dmitry Ukov <dukov at mirantis.com>
Sent: Monday, January 15, 2018 6:08:47 AM
To: users at shibboleth.net
Subject: SP metadata upload fails
Hello,
I'm trying to upload SP metadata to idp.testshib.org<http://idp.testshib.org/> via https://www.testshib.org/register.html
After clicking 'Upload file' button i'm getting response: 'Something horrible happened. Please contact the Shibboleth Users list.'
Same metadata was working previously. Could you please help with troubleshooting
Metadata:
<!--
This is example metadata only. Do *NOT* supply it as is without review,
and do *NOT* provide it in real time to your partners.
-->
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" ID="_71a7d284562b4ee3800714d220fa14e3057244dc" entityID="http://10.10.10.3:5000/Shibboleth.sso/Metadata">
<md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
<alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
</md:Extensions>
<md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
<md:Extensions>
<init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="http://10.10.10.3:5000/Shibboleth.sso/Login"/>
</md:Extensions>
<md:KeyDescriptor>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:KeyName>jse3.jaws.jio.com<http://jse3.jaws.jio.com/></ds:KeyName>
<ds:X509Data>
<ds:X509SubjectName>CN=jse3.jaws.jio.com<http://jse3.jaws.jio.com/></ds:X509SubjectName>
<ds:X509Certificate>MIIC+jCCAeKgAwIBAgIJAIzxs+Cu5An9MA0GCSqGSIb3DQEBBQUAMBwxGjAYBgNV
BAMTEWpzZTMuamF3cy5qaW8uY29tMB4XDTE3MTAzMDA3MDA0MVoXDTI3MTAyODA3
MDA0MVowHDEaMBgGA1UEAxMRanNlMy5qYXdzLmppby5jb20wggEiMA0GCSqGSIb3
DQEBAQUAA4IBDwAwggEKAoIBAQCzgNLVVokbVbJ61rZROdTEHiDzMEWcYpDqE+9T
niYYs3pB3PiQunp12dpzcDbxkcBq76s06We9S7zaJOeUN2dbVp4KS8E57xQf0z+k
9C6dNd6spV6mcyUHynRHHXeNY/PKQd8nBe7wlIQBuCIhePSxHD7nos7vbfVIdNkH
jHwL94a5DNlD9hYeuWZp+RRe8gZESqov95ZGO+dW+Okawc5mJHRsJFDl8m+bwy6g
HzNO50dT7WUN4GV11JbnMcHzSpZ5Kz6PXXF/GeQ8FAJBrOmmB/Vk5mSz4Rdt5LBr
2vxCHdwNU658YOrfV968tagozDIAlYbesC6mQIjS3LqTRZClAgMBAAGjPzA9MBwG
A1UdEQQVMBOCEWpzZTMuamF3cy5qaW8uY29tMB0GA1UdDgQWBBRoIeOFyW++rPjD
wJ6csr/3l1wHqzANBgkqhkiG9w0BAQUFAAOCAQEALVNeElIgr+r9QoNRzES17DZC
04MxeWuorTC11WowEYXu7bP7RXyfPbMP8gk8wIcLZp7O1MDTCv8x3Sbl/cWahk/F
EJV3maJnEMYWJtMqPVBb3OwpXw1Gz5lLxVB9J+35V0t6HP/Xdtp3zB8ynKIobyuX
kOy48JwV+TbLPoo2EPC3KIYCvV8XHetjo1Y1iJwyXT5dXsWqLlvC4kvnUuyIZJaq
mSGqfjrQNsuS83vnut4jzXer5jhrPSrhN5TQPlV1bZehPMNrnzmyUoOprE3APXA6
ZvzpzAxS1Zw9rI/aKi629H6xjr01bph1QfPdiYlZOoWooQv4bTybxZOOgR4uCw==
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
</md:KeyDescriptor>
<md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://10.10.10.3:5000/Shibboleth.sso/Artifact/SOAP" index="1"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://10.10.10.3:5000/Shibboleth.sso/SLO/SOAP"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://10.10.10.3:5000/Shibboleth.sso/SLO/Redirect"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://10.10.10.3:5000/Shibboleth.sso/SLO/POST"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://10.10.10.3:5000/Shibboleth.sso/SLO/Artifact"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://10.10.10.3:5000/Shibboleth.sso/SAML2/POST" index="1"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="http://10.10.10.3:5000/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://10.10.10.3:5000/Shibboleth.sso/SAML2/Artifact" index="3"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="http://10.10.10.3:5000/Shibboleth.sso/SAML2/ECP" index="4"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://10.10.10.3:5000/Shibboleth.sso/SAML/POST" index="5"/>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="http://10.10.10.3:5000/Shibboleth.sso/SAML/Artifact" index="6"/>
</md:SPSSODescriptor>
</md:EntityDescriptor>
--
Kind regards
Dmitry Ukov
Principal Deployment Engineer
Mirantis, Inc.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20180115/6e3f0f76/attachment-0001.html>
More information about the users
mailing list