Azure ADFS with Shibboleth SP 2.6 validation issues

habanero9999 luke at
Fri Mar 2 11:43:23 EST 2018

I noticed in the logs that we are using what I presume to be the default
Trust Engine settings for the SP: 

2018-03-02 15:37:00 INFO Shibboleth.Application : no TrustEngine specified
or installed, using default chain {ExplicitKey, PKIX}

So the debug messages show ExplicitKey being tried and then failing:

2018-03-02 12:47:35 DEBUG XMLTooling.TrustEngine.ExplicitKey [1]: unable to
validate signature, no credentials available from peer
2018-03-02 12:47:35 DEBUG XMLTooling.TrustEngine.PKIX [1]: validating
signature using certificate from within the signature

Which then presumably brings us back to the client key/cert mismatch?

Sent from:

More information about the users mailing list