Error Message: Signing of responses is required but no signing credential is available

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Error Message: Signing of responses is required but no signing credential is available

erk7
Hi all,

I've upgraded from Shib1.3 to Shib2 and I'm testing out my configuration.  My IdP is using the Username/Password login handler, which hits our LDAP server.  I can confirm that the servlet correctly authenticates against the LDAP server but afterward, I receive a message "Error Message: Signing of responses is required but no signing credential is available".  

I can't find much about this error.  I have a feeling I have my IdP configured in such a way that it has some extraneous security requirements?

Any help is appreciated.
Reply | Threaded
Open this post in threaded view
|

Re: Error Message: Signing of responses is required but no signing credential is available

Michael J. Wheeler
I'm a bit of a noob when it comes to Shibboleth, but I think this means that it can't find the certificate with which to sign your SAML assertion. There are options in a few places to set the certificate.

--
Michael J. Wheeler
Assistant Director, Systems and Networking
Pittsburg State University
Phone:  620-235-4610
E-mail: [hidden email]

----- Original Message -----
From: [hidden email]
To: [hidden email]
Sent: Tuesday, January 13, 2009 3:40:04 PM GMT -06:00 US/Canada Central
Subject: [Shib-Users] Error Message: Signing of responses is required but no signing credential is available

Hi all,

I've upgraded from Shib1.3 to Shib2 and I'm testing out my configuration.  My IdP is using the Username/Password login handler, which hits our LDAP server.  I can confirm that the servlet correctly authenticates against the LDAP server but afterward, I receive a message "Error Message: Signing of responses is required but no signing credential is available".  

I can't find much about this error.  I have a feeling I have my IdP configured in such a way that it has some extraneous security requirements?

Any help is appreciated.
Reply | Threaded
Open this post in threaded view
|

Re: Error Message: Signing of responses is required but no signing credential is available

erk7
In reply to this post by erk7
Thanks, all.  I figured it out.  I needed a defaultSigningCredentialRef attribute in the IdP's RelyingParty element describing my SP.