You need to sign in to do that
Don't have an account?
Solees
SSO SAML2 Issue "Failed: Signature Invalid"
Hello friends, we are having an issue with a customer with the SSO and his ADFS. We have uploaded correctly their certificate and metadata and we are getting the following error "Failed: Signature Invalid" but we don't know how to fix it. We have tried changing our side and their side with no success. Please help us understand the issue.
This is the result the I have right now:
This is the result the I have right now:
Results |
Last recorded SAML login failure: 2016-04-20T21:56:33.750Z |
Unexpected Exceptions |
Ok |
1. Validating the Status |
Ok |
2. Looking for an Authentication Statement |
Ok |
3. Looking for a Conditions statement |
Ok |
4. Checking that the timestamps in the assertion are valid |
Current time is after notOnOrAfter in Conditions |
Current time is: 2016-04-20T22:09:14.847Z |
Time limit in Conditions, adjusted for skew, is: 2016-04-20T22:04:34.275Z |
Timestamp of the response is outside of allowed time window |
Current time is: 2016-04-20T22:09:14.847Z |
Timestamp is: 2016-04-20T21:56:34.275Z |
Allowed skew in milliseconds is 480000 |
Timestamp of the assertion is outside of allowed time window |
Current time is: 2016-04-20T22:09:14.847Z |
Timestamp is: 2016-04-20T21:56:34.275Z |
Allowed skew in milliseconds is 480000 |
5. Checking that the Attribute namespace matches, if provided |
Not Provided |
6. Miscellaneous format confirmations |
Ok |
7. Confirming Issuer matches |
Ok |
8. Confirming a Subject Confirmation was provided and contains valid timestamps |
Ok |
9. Checking that the Audience matches |
Ok |
10. Checking the Recipient |
Ok |
Organization Id that we expected: 00DR0000001unHb |
Organization Id that we found based on your assertion: 00DR0000001unHb |
11. Validating the Signature |
Is the response signed? false |
Is the assertion signed? true |
The reference in the assertion signature is valid |
Signature or certificate problems |
The signature in the assertion is not valid |
Is the correct certificate supplied in the keyinfo? false |
12. Checking that the Site URL Attribute contains a valid site url, if provided |
Not Provided |
13. Looking for portal and organization id, if provided |
Ok |
14. Checking if session security level is valid, if provided |
Ok |
https://developer.salesforce.com/forums/ForumsMain?id=906F0000000fy9yIAA