Setting up GitHub Enterprise as a SP - encryption options

Cantor, Scott cantor.2 at
Wed Aug 5 23:42:57 UTC 2020

On 8/5/20, 7:33 PM, "users on behalf of Graham Ballantyne" <users-bounces at on behalf of grahamb at> wrote:

>    Despite this, the IdP seems to still be insisting on attempting to encrypt assertions in the response, and failing:

Then that is not the right name of the RP, or the configuration is not in fact that. Occam's razor.

> We have several other SPs set up on our IDP that don't require encryption, and have the encryption options set to false
> in relying-party.xml, and work properly.

Then you probably fat-fingered the override in some odd way that's not evident. Check the logging on DEBUG for the name of the relying party configuration it applied (and put id="something" in the override element, leaving them unset results in generated names that are a pain to cross-check).

-- Scott

More information about the users mailing list