Help with setting up Duo Admin Panel and Shibboleth

[Cantor, Scott]

On 1/27/22, 7:14 PM, "Melvin Lasky" <melvin.lasky at manhattan.edu> wrote:

>    "I understand you're encountering the error outlined here,  which is basically either the SAML assertion was
> encrypted when your IdP doesn't support encrypted assertions

That's a fascinating bit of logic.

>    The Certificate for signing is in the Duo Metadata file. I double checked that looks right.

Well, an IdP can simply skip encryption if there's no key to use. Make sure the metadata file has a key marked for more than just signing, but more to the point, just trace it, don't waste time guessing what it's doing.

-- Scott