Fatal error when authenticating with Shibboleth

Wed Mar 4 09:38:29 EST 2020

Hi guy,

Hi guys,

I'm having troubles with Shibboleth... When I try to authenticate I am
getting an erro message.
[image: image.png]
Idk the cause... It was working well till friday...

Below, part of shibd.log

2020-03-02 08:32:42 DEBUG XMLTooling.XMLObjectBuilder [105] [default]:
located XMLObjectBuilder for element name:
{urn:oasis:names:tc:SAML:2.0:assertion}Attribute 2020-03-02 08:32:42 DEBUG
XMLTooling.XMLObjectBuilder [105] [default]: located XMLObjectBuilder for
element name: {urn:oasis:names:tc:SAML:2.0:assertion}AttributeValue
2020-03-02 08:32:42 DEBUG XMLTooling.XMLObjectBuilder [105] [default]:
located XMLObjectBuilder for element name:
{urn:oasis:names:tc:SAML:2.0:assertion}AuthnStatement 2020-03-02 08:32:42
DEBUG XMLTooling.XMLObjectBuilder [105] [default]: located XMLObjectBuilder
for element name: {urn:oasis:names:tc:SAML:2.0:assertion}AuthnContext
2020-03-02 08:32:42 DEBUG XMLTooling.XMLObjectBuilder [105] [default]:
located XMLObjectBuilder for element name:
{urn:oasis:names:tc:SAML:2.0:assertion}AuthnContextCl$ 2020-03-02 08:32:42
DEBUG Shibboleth.SSO.SAML2 [105] [default]: decrypted Assertion: <Assertion
xmlns="urn:oasis:names:tc:SAML:2.0:assertion" ID="_0b729442-e9fa-4335-a$
2020-03-02 08:32:42 DEBUG Shibboleth.SSO.SAML2 [105] [default]: extracting
issuer from SAML 2.0 assertion 2020-03-02 08:32:42 DEBUG
OpenSAML.SecurityPolicyRule.MessageFlow [105] [default]: evaluating message
flow policy (replay checking on, expiration 60) 2020-03-02 08:32:42 DEBUG
XMLTooling.StorageService [105] [default]: inserted record
(_0b729442-e9fa-4335-a199-25182ea0d72f) in context (MessageFlow) with
expiration ($ 2020-03-02 08:32:42 DEBUG
OpenSAML.SecurityPolicyRule.XMLSigning [105] [default]: validating
signature profile 2020-03-02 08:32:42 DEBUG XMLTooling.CredentialCriteria
[105] [default]: keys didn't match 2020-03-02 08:32:42 DEBUG
XMLTooling.CredentialCriteria [105] [default]: keys didn't match 2020-03-02
08:32:42 DEBUG XMLTooling.TrustEngine.ExplicitKey [105] [default]: unable
to validate signature, no credentials available from peer 2020-03-02
08:32:42 DEBUG XMLTooling.TrustEngine.PKIX [105] [default]: validating
signature using certificate from within the signature 2020-03-02 08:32:42
DEBUG XMLTooling.TrustEngine.PKIX [105] [default]: signature verified with
key inside signature, attempting certificate validation... 2020-03-02
08:32:42 DEBUG XMLTooling.TrustEngine.PKIX [105] [default]: checking that
the certificate name is acceptable *2020-03-02 08:32:42 DEBUG
XMLTooling.TrustEngine.PKIX [105] [default]: adding to list of trusted
names (http://fs.fgv.br/adfs/services/trust
<http://fs.fgv.br/adfs/services/trust>) 2020-03-02 08:32:42 DEBUG
XMLTooling.TrustEngine.PKIX [105] [default]: certificate subject: CN=ADFS
Signing - fs.fgv.br <http://fs.fgv.br> 2020-03-02 08:32:42 DEBUG
XMLTooling.TrustEngine.PKIX [105] [default]: unable to match DN, trying TLS
subjectAltName match 2020-03-02 08:32:42 DEBUG XMLTooling.TrustEngine.PKIX
[105] [default]: unable to match subjectAltName, trying TLS CN match
2020-03-02 08:32:42 ERROR XMLTooling.TrustEngine.PKIX [105] [default]:
certificate name was not acceptable* 2020-03-02 08:32:42 WARN
OpenSAML.SecurityPolicyRule.XMLSigning [105] [default]: unable to verify
message signature with supplied trust engine 2020-03-02 08:32:42 WARN
Shibboleth.SSO.SAML2 [105] [default]: detected a problem with assertion:
Message was signed, but signature could not be verified. 2020-03-02
08:32:42 WARN Shibboleth.SSO.SAML2 [105] [default]: error processing
incoming assertion: Message was signed, but signature could not be
verified. 2020-03-02 08:32:42 DEBUG Shibboleth.Listener [105] [default]:
dispatching message

Does anyone can help, please?

best regards,

*Alexandre Abreu*

*"A tua palavra tenho eu escondida no meu*

*  coração, para eu não pecar contra ti."                    Sl 119.11*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20200304/b0ab6d5a/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image.png
Type: image/png
Size: 32980 bytes
Desc: not available
URL: <http://shibboleth.net/pipermail/users/attachments/20200304/b0ab6d5a/attachment.png>