Any experiences with SPs rejecting IdP cert with CA:TRUE?
In attempting to integrate an SP ("IBMid Enterprise Federation") with
our IdP the SP rejected our IdP metadata complaining that the
certificate has the Basic Constraint set to "CA:TRUE". Of course, there
is no real reason for the SP to disallow the certificate and we are
working with them to get around this obstacle.
I am wondering if anyone has run into this same issue with _other_ SPs?
If so, how did you work around it?