Previous Topic: Web Agent Option Pack Fails when TRANSIENTIP Checking is Enabled (75240, 83125)

Next Topic: NameID in Assertion Had the Wrong Format (76311, 83119)

Wrong Private Key is Used to Sign Assertions (76161, 83118)

Symptom:

The wrong key in the smkeydatabase is being used to sign assertions.

STAR Issue: 17507633+17527146;01

Solution:

To sign SAML 1.1 assertions, ensure that the correct certificate for each partnership is used when multiple affiliate domains are defined. If signed assertions are specified but no signing alias is selected, use the certificate corresponding to the defaultenterpriseprivatekey alias.


Copyright © 2010 CA. All rights reserved. Email CA about this topic