BradF

Signing X509 Certificate in .Net for SAML Response XML - Anyone have an example???

I'm trying to authenticate from my .Net app to salesforce via SAML - however salesforce doesn't seem to like my signed certificate portion of the xml I'm sending to it (I keep getting an invalid signature error).

Does anyone have a .net example of how to sign the certificate so salesforce recognizes it???

My current code for signing the certificate (borrowed from codeproject http://www.codeproject.com/Articles/56640/Performing-a-SAML-Post-with-C) is:

 

using System.Security.Cryptography.X509Certificates;
using System.Security.Cryptography.Xml;
using System.Xml;

// Note: SamlSignedXml is not a .NET framework class; it has to be supplied alongside this method.
public static XmlElement SignDoc(XmlDocument doc, X509Certificate2 cert2, string referenceId, string referenceValue)
{
    SamlSignedXml sig = new SamlSignedXml(doc, referenceId);

    // Add the key to the SignedXml xmlDocument.
    sig.SigningKey = cert2.PrivateKey;

    // Create a reference to be signed.
    Reference reference = new Reference();
    reference.Uri = String.Empty;
    reference.Uri = "#" + referenceValue;

    // Add an enveloped transformation to the reference,
    // followed by a C14N canonicalization transform.
    XmlDsigEnvelopedSignatureTransform env = new XmlDsigEnvelopedSignatureTransform();
    XmlDsigC14NTransform env2 = new XmlDsigC14NTransform();
    reference.AddTransform(env);
    reference.AddTransform(env2);

    // Add the reference to the SignedXml object.
    sig.AddReference(reference);

    // Add the certificate as X509Data KeyInfo
    // (optional; helps recipient find key to validate).
    KeyInfo keyInfo = new KeyInfo();
    KeyInfoX509Data keyData = new KeyInfoX509Data(cert2);
    keyInfo.AddClause(keyData);
    sig.KeyInfo = keyInfo;

    // Compute the signature.
    sig.ComputeSignature();

    // Get the XML representation of the signature
    // and save it to an XmlElement object.
    XmlElement xmlDigitalSignature = sig.GetXml();

    return xmlDigitalSignature;
}

subramanya_p11.3928960409199646E12
I am facing the same problem.. have you got this working?