ComponentSpace

Forums



Verify method fails


Verify method fails

Author
Message
sarat
sarat
New Member
New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)

Group: Forum Members
Posts: 2, Visits: 7
The verify method from component space fails for me. I  have added the log files in e web.config for verbosity. Can some one help me figure out why the verify is failing?
I believe its the certificate that is wrong. And if it is wrong, how to generate the right certificate?

Thanks,
Sarat.
Attachments
2020-10-01.log (1 view, 27.00 KB)
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
Thanks for sharing the log. It includes the following:

38080/26: 10/1/2020 2:38:58 PM: The X.509 certificate with subject name CN=protegentidp.fnfis.com, OU=Enterprise SSL Pro, OU=Hosted by Fidelity National Information Services, OU=Corporate Account, O="Fidelity National Information Services, Inc.", STREET=601 Riverside Ave, L=Jacksonville, S=Florida, PostalCode=32204, C=US and serial number 00824E33752EFABCB5D95D8632ADEA0D77 is being used to verify the XML signature.

38080/26: 10/1/2020 2:38:58 PM: The X.509 certificate with subject name CN=global and serial number 016B4C056CBA is embedded in the XML signature.

We log both the certificate being used to verify the signature as well as the certificate that's embedded in the signature itself. You can see that these don't match which means the wrong certificate is being used.

I've attached the embedded certificate. Rename to .cer and use this for the verification.




Regards
ComponentSpace Development
Attachments
global.cer.txt (2 views, 896 bytes)
sarat
sarat
New Member
New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)

Group: Forum Members
Posts: 2, Visits: 7
ComponentSpace - 10/1/2020
Thanks for sharing the log. It includes the following:

38080/26: 10/1/2020 2:38:58 PM: The X.509 certificate with subject name CN=protegentidp.fnfis.com, OU=Enterprise SSL Pro, OU=Hosted by Fidelity National Information Services, OU=Corporate Account, O="Fidelity National Information Services, Inc.", STREET=601 Riverside Ave, L=Jacksonville, S=Florida, PostalCode=32204, C=US and serial number 00824E33752EFABCB5D95D8632ADEA0D77 is being used to verify the XML signature.

38080/26: 10/1/2020 2:38:58 PM: The X.509 certificate with subject name CN=global and serial number 016B4C056CBA is embedded in the XML signature.

We log both the certificate being used to verify the signature as well as the certificate that's embedded in the signature itself. You can see that these don't match which means the wrong certificate is being used.

I've attached the embedded certificate. Rename to .cer and use this for the verification.



Thank you so much for getting back to me. I have used the attached certificate but it still didn't work. I still have the same issue. Attached is the log i just generated today. 
Attachments
2020-10-05.log (1 view, 7.00 KB)
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
I extracted the SAML assertion from the log and attempted to verify the signature.

We have both C# and Java applications to independently check signatures and neither could verify the signature.

If you take a look at the SAML assertion XML using Notepad etc you'll see it includes newlines and other whitespace characters. Often when we see this and the signature doesn't verify it's because this formatting occurred after signing.

How did you receive the SAML assertion? Was it supplied as an example in a file? If so, the formatting used to display the XML has invalidated the signature.

Regards
ComponentSpace Development
GO


Similar Topics


Execution: 0.000. 2 queries. Compression Enabled.
Login
Existing Account
Email Address:


Password:


Select a Forum....












Forums, Documentation & Knowledge Base - ComponentSpace


Search