Error Message: SAML 2 SSO profile is not configured for relying party
I get the following error message when I go to an url that is protected by Shibboleth (according to my shibboleth2.xml RequestMap configuration):
Error Message: SAML 2 SSO profile is not configured for relying party: ....
On the error page I see:
"Something horrible happened. If the below message states that the SAML 2 SSO Profile is not configured for you, then either you haven't uploaded your metadata yet or your SP's entityID has not yet been properly configured."
Now, I have uploaded the metadata and the SP entityID of my shibboleth2.xml matches that in the metadata. I have rebooted IIS and the windows service, etc.
I did the following:
1) I uploaded my metadata using http://www.testshib.org/register.html with was successful according to the feedback. This feedback suggested to proceed with configuration.
2) In configuration at http://www.testshib.org/configure.html under Post Install SP config I have to possibility to generate an shibboleth2.xml which is in conflict with my self-defined shibboleth2.xml configuration (different EntityID). This is a bit confusing for me.
My question is:
Is it mandatory for me to use the generated shibboleth2.xml in step 2 above? Or do I have complete freedom in specifying my own shibboleth2.xml (in which for instance I can use my self-defined EntityID which is not necessarily the same as https://<hostname>/shibboleth)?
If I have complete freedom in specifying my shibboleth2.xml, what could be other reasons that I get the error message?