MetadataResolverService Initial load failed?

Christopher Bongaarts cab at umn.edu
Tue Nov 26 18:16:44 EST 2019 

Within that <MetadataProvider> element you'll find a nested element like 
this:

       <MetadataFilter xsi:type="SignatureValidation" 
requireSignedRoot="true"
certificateFile="%{idp.home}/credentials/incommon.pem" />

It's having trouble loading that certificateFile.

On 11/26/2019 5:02 PM, Scott Gilbert wrote:
> Thanks for the reply.
>
> So this metadata provider statement is not sufficient
>
>     <MetadataProvider id="INCOMMON" 
> xsi:type="FileBackedHTTPMetadataProvider"
>     
> metadataURL="http://md.incommon.org/InCommon/InCommon-metadata.xml" 
> backingFile="%{idp.home}/metadata/incommon-metadata.xml">
>
> as I recall there is some form of verification, so as not to spoof, it 
> may be in the incommon docs.
>
> Scott Gilbert
> IAM System Admin
> ETS Enterprise Technology Services
> University of California Santa Barbara
>
>
>
> On Tue, Nov 26, 2019 at 2:44 PM Christopher Bongaarts <cab at umn.edu 
> <mailto:cab at umn.edu>> wrote:
>
>     Check the contents and permissions of your InCommon metadata
>     validation
>     certificate...
>
>     On 11/26/2019 4:28 PM, Scott Gilbert wrote:
>     > Caused by: org.springframework.beans.factory.BeanCreationException:
>     > Error creating bean with name '(inner bean)#5ff6431a':
>     Invocation of
>     > init method failed; nested exception is
>     > org.cryptacular.StreamException: IO error
>     > at
>     >
>     org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1631)
>     > Caused by: org.cryptacular.StreamException: IO error
>     > at
>     org.cryptacular.util.CertUtil.readCertificateChain(CertUtil.java:328)
>     > Caused by: java.io.IOException: Incomplete data
>     > at
>     sun.security.provider.X509Factory.readOneBlock(X509Factory.java:612)
>     > 2019-11-26 14:07:11,867 -  - ERROR
>     >
>     [net.shibboleth.utilities.java.support.service.AbstractReloadableService:186]
>
>     > - Service 'shibboleth.MetadataResolverService': No further attempts
>     > will be made to reload
>
>     -- 
>     %%  Christopher A. Bongaarts   %% cab at umn.edu
>     <mailto:cab at umn.edu>          %%
>     %%  OIT - Identity Management  %% http://umn.edu/~cab  %%
>     %%  University of Minnesota    %%  +1 (612) 625-1809    %%
>
>     -- 
>     For Consortium Member technical support, see
>     https://wiki.shibboleth.net/confluence/x/coFAAg
>     To unsubscribe from this list send an email to
>     users-unsubscribe at shibboleth.net
>     <mailto:users-unsubscribe at shibboleth.net>
>
>
-- 
%%  Christopher A. Bongaarts   %%  cab at umn.edu          %%
%%  OIT - Identity Management  %%  http://umn.edu/~cab  %%
%%  University of Minnesota    %%  +1 (612) 625-1809    %%

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20191126/049aca27/attachment.html>

More information about the users mailing list