Verification of signed AuthnRequests

Peter Schober peter.schober at
Mon Nov 22 12:20:05 UTC 2021

* Max Spicer via users <users at> [2021-11-22 12:05]:
> We have an SP that is sending us signed AuthnRequests. We see occasional
> signature verification issues for this SP

Seem those are when the same data is being used that you're looking
at: a mismatch, hence the failed verification.

Which seems to imply that for the successing requests there must be
something else at play: Other metadata you have on record? Or the SP
behaving inconsistently (e.g. the service consisting of several nodes
in a cluster with not all cluster members being configured identically
wrt key usage)?


More information about the users mailing list