Message was signed, but signature could not be verified - Shibboleth 3.3

Previous Topic Next Topic
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Message was signed, but signature could not be verified - Shibboleth 3.3

Hi, I'm new to Shibboleth/SAML/SP so, please bear with me.

I'm trying to configure an IDP on a linux client along with a test SP (also a linux client). I've made all the necessary configuration changes and on connecting to the SP address, it redirects to the IDP for authentication and even the authentication works fine. However I get this error on the browser on logging in:


The system encountered an error at Tue Feb 21 02:54:59 2017

To report this problem, please contact the site administrator at root@localhost.

Please include the following message in any email:
opensaml::SecurityPolicyException at (

Message was signed, but signature could not be verified.

I checked the idp-process.log and did not find anything useful other than a WARN which might be the only thing special in it:

INFO [org.opensaml.saml.common.binding.impl.SAMLMetadataLookupHandler:128] - Message Handler:  No metadata returned for in role {urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor with protocol urn:oasis:names:tc:SAML:2.0:protocol
WARN [] - SAMLPeerContext did not contain either a SAMLMetadataContext or a RoleDescriptor, unable to evaluate rule
INFO [net.shibboleth.idp.authn.impl.ValidateUsernamePasswordAgainstJAAS:246] - Profile Action ValidateUsernamePasswordAgainstJAAS: Login by 'admin' succeeded
INFO [Shibboleth-Audit.SSO:241] - 20170221T075459Z|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect|_8c9f2d795f6c29a8917bf0ff2339d73b|||https://rh7-template4.mgmt.smoke/idp/shibboleth|urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST|_001dc75b58d6736c91901b086a429d4f|admin|urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport||AAdzZWNyZXQx8exmPgcC7sMi6irnJGh1axnQSbz6zy6uuj6HacTosdgEZhTM/g7VERKR9xR6I/FYic61HbB7xb0QjvYbuM9yr3EDfKXwzTlKtRvQPdDxGLRKEOmjfUYQf/sYk6sdpE2Mj0+pez/2fL0ysIgxA+8vn97QSf9DYuTr9mM6QQ==|_c5f3f55019bbb13cbb4900b71709be7e|

Does anyone have any ideas as to why this is coming up? Any resolutions?
Thanks for your time!