SimpleSAMLphp Unable to validate Signature error
14,632
- Get new metadata from Identity Provider.
- Update that metadata in Service Provider side.
Some times the certificate on identity provider get expired/renewed but SP still has the old one.
This is one possible scenario for this error, which I faced and fixed it by updating metadata.
Related videos on Youtube
Author by
mmts
Updated on June 06, 2022Comments
-
mmts almost 2 years
SimpleSAML_Error_Error: UNHANDLEDEXCEPTION Backtrace: 0 simplesamlphp/www/module.php:189 (N/A) Caused by: Exception: Unable to validate Signature Backtrace: 6 simplesamlphp/lib/SAML2/Utils.php:149 (SAML2_Utils::validateSignature) 5 simplesamlphp/lib/SAML2/Assertion.php:494 (SAML2_Assertion::validate) 4 simplesamlphp/modules/saml/lib/Message.php:185 (sspmod_saml_Message::checkSign) 3 simplesamlphp/modules/saml/lib/Message.php:560 (sspmod_saml_Message::processAssertion) 2 simplesamlphp/modules/saml/lib/Message.php:532 (sspmod_saml_Message::processResponse) 1 simplesamlphp/modules/saml/www/sp/saml2-acs.php:81 (require) 0 simplesamlphp/www/module.php:144 (N/A)
I'm getting an error when logging into a site running SimpleSAMLphp. This started when the SSL cert on the server expired, but it has since been updated to a new valid certificate. I assumed this would rectify the error, but as you can see, it did not.
I've been unable to find anyone else having the same problem so I must be missing something obvious.
-
renoirb over 7 yearsYour advice is so and useful! I was in a situation where I had no idea why It wouldn't work. Then I read your comment, and realized that the configuration I was using had been put in place months ago. Of course the external provider may change their configuration.
-
Stephanie over 3 yearsHi, I did not set this up so please could you tell me where I might find the metadata. I have found the config files need to work out where to go the data from. Thank you
-
dylan sieren about 3 years@stephanie, I can't post because I don't have high enough reputation yet, but the idp metadata can be found in the ~/simplesaml/simplesamlphp-1.18.8/metadata/current/saml20-idp for simplesaml 1.18.8.