[EXTERNAL] Re: Strange issue with Redirect endpoint and simple signing

[Mark McCoy]

We've validated everything in both directions, and even compared configurations with another University successfully using this application and are still at a loss for what to do next. We've asked the vendor to double/triple check that the certificate that is displayed on the configuration page for the application is the same one that is used when signing the AuthnRequest. We haven't heard back from them yet, but this is the only thing that we can think may be causing this. We don't have this problem with any other SPs that use the HTTP Redirect endpoint with a Simple Signature.

Is there a configuration item anywhere that will disable the Simple Signature validation for a specific SP?


Mark McCoy

Manager, Enterprise Collaboration Services


The University of Texas at San Antonio

University Technology Solutions

One UTSA Circle

San Antonio, TX 78249-3209

210.458.5871

________________________________
From: Cantor, Scott <cantor.2 at osu.edu>
Sent: Thursday, October 27, 2022 16:27
To: Shib Users <users at shibboleth.net>
Cc: Mark McCoy <Mark.McCoy at utsa.edu>
Subject: [EXTERNAL] Re: Strange issue with Redirect endpoint and simple signing

  **EXTERNAL EMAIL**
  This email originated outside of The University of Texas at San Antonio.
  Please exercise caution when clicking on links or opening attachments.



> cutting and pasting certificates back and forth, etc. (

You likely still don't have the right one, or at least you're not getting the metadata accurately changed. You may think you're editing the right file and you're not, for example. Or you might simply be messing up the syntax in some way (wrong use attribute on the KeyDescriptor, that kind of thing).

-- Scott


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20221110/ec5655ab/attachment.htm>