Credential failed name check

Marco Pirovano marco.pirovano at
Tue Nov 20 09:13:45 EST 2018


I'm adding a new SP to our IdP v3.3.3.

When I try to access the resource I'm getting this error:

   The request cannot be fulfilled because the message received does not meet the security requirements of the login service.

I have enabled the DEBUG log and found these errors:

 DEBUG [] - Checking trusted names against credential: [subjectName='CN=Gartner SHA2,OU=STG,O=Gartner,L=Stamford,ST=CT,C=US']
 DEBUG [] - Trusted names being evaluated are: []
 DEBUG [] - Processing subject alt names
 DEBUG [] - Extracted subject alt names from certificate: []
 DEBUG [] - Processing subject DN common name
 DEBUG [] - Extracted common name from certificate: Gartner SHA2
 DEBUG [] - Processing subject DN
 DEBUG [] - Extracted X500Principal from certificate: CN=Gartner SHA2,OU=STG,O=Gartner,L=Stamford,ST=CT,C=US
 DEBUG [] - Trusted name was not a DN or could not be parsed:
 ERROR [] - Credential failed name check: [subjectName='CN=Gartner SHA2,OU=STG,O=Gartner,L=Stamford,ST=CT,C=US']
 DEBUG [] - Evaluation of credential against trusted names failed. Aborting PKIX validation
 DEBUG [] - Failed to establish trust of KeyInfo-derived credential
 DEBUG [] - Failed to verify signature and/or establish trust using any KeyInfo-derived credentials
 DEBUG [] - PKIX validation of signature failed, unable to resolve valid and trusted signing key

Do you have any suggestions about the problem ?

Thank you very much.

Best Regards.
Marco Pirovano
Security & Network Competence Centre
Information & Communication Technology
Universita' Bocconi
via Gobbi, 5 - 20136 Milano
Tel. +39 02 5836.3173

More information about the users mailing list