A CryptographicException: Bad Key error may occur whilst attempting to decrypt an encrypted SAML assertion. If the decryption key is stored in a PFX file, ensure the key is marked for encryption and signature usage rather than just signature usage. This is the -sky exchange option when using the Microsoft makecert tool. If this wasn't specified at PFX creation time, the following commands may be used to set this option. openssl pkcs12 -in sp.pfx -out sp.pem openssl pkcs12 -export -in sp.pem -out good-sp.pfx -keyex
Regards ComponentSpace Development
|