Forums, Documentation & Knowledge Base - ComponentSpace

"Failed to verify signature on HTTP redirect message" on ReceiveLogoutMessageByHTTPRedirect


https://componentspace.com/forums/Topic12035.aspx

By kuroczyd - 2/15/2022

I am trying to understand why I get the error "Failed to verify signature on HTTP redirect message" when a user tries to logout from an SSO session.
It is not the first time I am using  ComponentSpace SAML2 : we have a dozen of customers using the component and the login works well for them.
I suppose that there is something in the customer settings, certificate....
Can you advise what to look at and check ?
Thanks a lot


Stack Trace:
[SAMLSignatureException: Failed to verify signature on HTTP redirect message.] ComponentSpace.SAML2.Bindings.HTTPRedirectBinding.CheckSignature(String redirectURL, String encodedSignature, String messageQueryName, AsymmetricAlgorithm key, String signatureAlgorithm) +459 ComponentSpace.SAML2.Bindings.HTTPRedirectBinding.VerifyResponseSignature(HttpRequestBase httpRequest, String signatureAlgorithm, String signature, AsymmetricAlgorithm key) +95 ComponentSpace.SAML2.Bindings.HTTPRedirectBinding.ReceiveMessage(HttpRequestBase httpRequest, XmlElement& samlMessage, String& relayState, Boolean& isRequest, Boolean& signed, AsymmetricAlgorithm key) +259 ComponentSpace.SAML2.Profiles.SingleLogout.SingleLogoutService.ReceiveLogoutMessageByHTTPRedirect(HttpRequestBase httpRequest, XmlElement& logoutMessage, String& relayState, Boolean& isRequest, Boolean& signed, AsymmetricAlgorithm key) +73
...


By ComponentSpace - 1/31/2023

The most common reason is that you have the wrong certificate configured.

If there's still an issue, please enable SAML trace and send the generated log file as an email attachment to [email protected]

https://www.componentspace.com/Forums/17/Enabing-SAML-Trace