key algorithm didn't match ('AES' != 'RSA') failed to decrypt assertion: Unable to locate an encrypted key.

Cantor, Scott cantor.2 at
Wed Sep 19 09:21:56 EDT 2018

On 9/18/18, 10:21 PM, "users on behalf of Lipscomb, Gary" <users-bounces at on behalf of glipscomb at> wrote:

> Metadata sent to IdP generated from /Shibboleth.sso/Metadata. The public keys in the metadata for signing and 
> encryption match the appropriate certs on the SP.
> Where do I look next ?

You basically figure out why that statement is in fact not the case.

-- Scott

More information about the users mailing list