By courtney - 9/1/2022
We are testing the latest .Net Core SSO component to upgrade from an old ASP.NET version.
Loading our PFX file is throwing an error:
2022-09-01 16:31:43,779 ERROR ComponentSpace.Saml2.SamlServiceProvider.MoveNext [0] - MESSAGE: Initiation of SSO to the partner identity provider has failed.
ComponentSpace.Saml2.Exceptions.SamlCertificateException: The X.509 certificate could not be loaded from the file C:\inetpub\wwwroot\PBI\wwwroot\Certificates\GraspDataSSO.pfx. ---> ComponentSpace.Saml2.Exceptions.SamlCertificateException: The X.509 certificate with subject name E=*****, CN=*****, OU=*****, O=*****, L=*****, S=CA, C=US, serial number ***** and thumbprint ***** failed to validate. at ComponentSpace.Saml2.Certificates.CertificateLoader.ValidateCertificate(X509Certificate2 x509Certificate) at ComponentSpace.Saml2.Certificates.CertificateLoader.LoadCertificateFromFileAsync(String certificateFile, String certificatePassword) --- End of inner exception stack trace --- at ComponentSpace.Saml2.Certificates.CertificateLoader.LoadCertificateFromFileAsync(String certificateFile, String certificatePassword) at ComponentSpace.Saml2.Certificates.AbstractCachedCertificateLoader.LoadCertificateFromFileAsync(String certificateFile, String certificatePassword) at ComponentSpace.Saml2.Certificates.CertificateManager.LoadCertificatesAsync(IList`1 certificates, CertificateUse certificateUse) at ComponentSpace.Saml2.Certificates.CertificateManager.GetLocalServiceProviderCertificatesAsync(LocalServiceProviderConfiguration localServiceProviderConfiguration, PartnerIdentityProviderConfiguration partnerIdentityProviderConfiguration, CertificateUse certificateUse) at ComponentSpace.Saml2.SamlServiceProvider.GetLocalProviderSignatureCertificatesAsync(Boolean precondition) at ComponentSpace.Saml2.SamlServiceProvider.SendAuthnRequestAsync(XmlElement authnRequestElement, String relayState, String singleSignOnServiceUrl) at ComponentSpace.Saml2.SamlServiceProvider.InitiateSsoAsync(String partnerName, String relayState, ISsoOptions ssoOptions)
The PFX loads with the old SSO component. Windows recognizes it as a valid certificate. I have tried using a .CER export of the same certificate and I get the same error.
Can you recommend any things for me to try to help me figure out why the file "failed to validate"? What is it validating against?
Thanks Courtney
|
By ComponentSpace - 9/6/2022
Hi Courtney,
We don't have this feature in the older version you were using which is why it wasn't an issue.
|
|