We are trying out your SAML component for .Net Core and we get this exception when loading the certificate.
It works fine when running the code in Windows developer machine, but in a Docker container (running Linux) it throws this exception.
Certificate is read from database as byte array and converted into Base64 string.
Do you know a solution to this problem?
Is it possible to pass a byte array certificate or X509Certificate2 instance into IdP configuration?
Exception:
The X.509 certificate could not be loaded from the string. - error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error
at ComponentSpace.Saml2.Certificates.CertificateLoader.LoadCertificateFromStringAsync(String certificateString, String certificatePassword)
at ComponentSpace.Saml2.Certificates.AbstractCachedCertificateLoader.LoadCertificateFromStringAsync(String certificateString, String certificatePassword)
at ComponentSpace.Saml2.Certificates.CertificateManager.LoadCertificatesAsync(IList`1 certificates, CertificateUse certificateUse)
at ComponentSpace.Saml2.Certificates.CertificateManager.GetPartnerIdentityProviderSignatureCertificatesAsync(String configurationID, String partnerIdentityProviderName)
at ComponentSpace.Saml2.SamlServiceProvider.GetPartnerProviderSignatureCertificatesAsync(Boolean precondition)
at ComponentSpace.Saml2.SamlServiceProvider.VerifySamlAssertionSignatureAsync(AssertionListItem assertionListItem)
at ComponentSpace.Saml2.SamlServiceProvider.GetSamlAssertionAsync(SamlResponse samlResponse)
at ComponentSpace.Saml2.SamlServiceProvider.ProcessSamlResponseAsync(XmlElement samlResponseElement)
at ComponentSpace.Saml2.SamlServiceProvider.ReceiveSsoAsync()
--- Inner exception stack trace ---
at Internal.Cryptography.Pal.CertificatePal.FromBlob(Byte[] rawData, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags)
at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(Byte[] rawData, String password, X509KeyStorageFlags keyStorageFlags)
at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(Byte[] rawData, String password, X509KeyStorageFlags keyStorageFlags)
at ComponentSpace.Saml2.Certificates.CertificateLoader.LoadCertificateFromStringAsync(String certificateString, String certificatePassword)