supplied TrustEngine failed to validate SSL/TLS server certificate - while validating the saml response sent by idp to SP
Peter Schober
peter.schober at univie.ac.at
Thu Jul 26 06:43:31 EDT 2018
* anuptiwary <anup.kr.tiwary at gmail.com> [2018-07-26 12:31]:
> ERROR Shibboleth.AttributeResolver.Query [29]: exception during SAML query
> to https://localhost:8443/idp/profile/SAML2/SOAP/AttributeQuery:
> CURLSOAPTransport failed while contacting SOAP endpoint
> (https://localhost:8443/idp/profile/SAML2/SOAP/AttributeQuery): SSL
> certificate problem: application verification failure
Why are you using Attribute Queries at all? Is that by design or
unintentional? (If the latter: "If it hurts stop doing it.")
If intentional, what's the certificate the IDP presents on port 8443?
How exactly did you configure the IDP (or Tomcat) wrt that port? Did
you configure Tomcat to use the idp-backchannel.p12 key pair for 8443?
Does the SP have this certificate available from the IDP's metadata?
From the image you sent it's not clear at all how the IDP is exposed
to the network SP and what role Apache httpd plays here.
And all of this is simply a demo setup, since you seem to be running
the IDP and the SP all on the same box? Or what else is this for?
-peter
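
The check behind the questions above, as an added example that is not part of the original message: does the certificate presented on the back-channel port appear in the IDP's metadata under the AttributeAuthority role? The helper names and the sample bytes are constructed for illustration (they are not real certificates), and comparing whole certificates is a simplification of key-based trust evaluation.

```python
import base64
import hashlib
import ssl
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

def metadata_fingerprints(metadata_xml, role="AttributeAuthorityDescriptor"):
    """SHA-256 fingerprints of the certificates listed for one metadata role."""
    root = ET.fromstring(metadata_xml)
    prints = set()
    for kd in root.iterfind(f".//md:{role}/md:KeyDescriptor", NS):
        if kd.get("use") == "encryption":
            continue  # assumption: encryption-only keys are not used for TLS trust
        for cert in kd.iterfind(".//ds:X509Certificate", NS):
            der = base64.b64decode("".join((cert.text or "").split()))
            prints.add(hashlib.sha256(der).hexdigest())
    return prints

def presented_fingerprint(pem):
    """SHA-256 fingerprint of a PEM certificate as presented by the server."""
    return hashlib.sha256(ssl.PEM_cert_to_DER_cert(pem)).hexdigest()

def backchannel_cert_in_metadata(metadata_xml, presented_pem):
    return presented_fingerprint(presented_pem) in metadata_fingerprints(metadata_xml)

def fetch_presented_pem(host="localhost", port=8443):
    """Fetch the certificate the endpoint presents, without validating it."""
    return ssl.get_server_certificate((host, port))

# Constructed sample data: placeholder bytes standing in for two certificates.
BACKCHANNEL_DER = b"constructed back-channel certificate bytes"
BROWSER_DER = b"constructed browser-facing certificate bytes"
SAMPLE_METADATA = f"""
<md:EntityDescriptor xmlns:md="{NS['md']}" xmlns:ds="{NS['ds']}"
                     entityID="https://idp.example.org/idp/shibboleth">
  <md:AttributeAuthorityDescriptor
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>
        {base64.b64encode(BACKCHANNEL_DER).decode()}
      </ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
  </md:AttributeAuthorityDescriptor>
</md:EntityDescriptor>"""

if __name__ == "__main__":
    pem = ssl.DER_cert_to_PEM_cert(BROWSER_DER)  # or fetch_presented_pem()
    print("presented cert in metadata:", backchannel_cert_in_metadata(SAMPLE_METADATA, pem))
```

A False result with the live certificate from `fetch_presented_pem()` means the port is serving a certificate the SP cannot find in the metadata it loaded.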