I have an ASP.NET Framework service provider. The identity provider is signing the assertion with an expired certificate. When my SP does the ReceiveSSO, it returns an invalid certificate exception. Is there any way to have the SP accept an expired certificate?
Thanks
P.S. I know this creates a security risk, but it is currently being used only internally.
You can disable validation for all certificates by making the following call at application startup:
// Turn off X.509 certificate validation.
SAMLController.CertificateManager.CertificateValidator = null;
In later releases, we also support disabling validation on a per-certificate basis through the SAML configuration.
<PartnerCertificates>
  <Certificate FileName="Certificates\idp.cer" DisableValidationCheck="true"/>
</PartnerCertificates>
That worked. Thank you very much.
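A narrower alternative to switching validation off, as an added example that is not part of the original thread or the SAML library's own code: accept the IdP certificate only if it matches a pinned fingerprint, tolerate expiry and nothing else, and stop tolerating it after a cutoff date. It uses only standard .NET X.509 classes; the class name, fingerprint placeholder and cutoff date are assumptions, and how the check is plugged into the library's certificate validator is not shown because the thread does not give that interface.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

public static class ExpiredIdpCertificatePolicy
{
    // Assumption: placeholder for the SHA-256 fingerprint (hex) of Certificates\idp.cer.
    private const string PinnedSha256 = "<SHA256-FINGERPRINT-OF-IDP-CERT>";

    // Assumption: constructed date after which the expired certificate is refused again.
    private static readonly DateTime ToleranceEndsUtc =
        new DateTime(2030, 1, 1, 0, 0, 0, DateTimeKind.Utc);

    public static bool IsAcceptable(X509Certificate2 certificate, DateTime nowUtc)
    {
        if (certificate == null) return false;

        // 1. Trust comes from the pin: only this exact certificate is considered.
        string fingerprint;
        using (var sha256 = SHA256.Create())
        {
            fingerprint = BitConverter.ToString(sha256.ComputeHash(certificate.RawData))
                                      .Replace("-", "");
        }
        if (!string.Equals(fingerprint, PinnedSha256, StringComparison.OrdinalIgnoreCase))
            return false;

        // 2. Expiry is tolerated only until the cutoff, so the exception cannot outlive
        //    the IdP's certificate rollover unnoticed.
        bool expired = nowUtc > certificate.NotAfter.ToUniversalTime();
        if (expired && nowUtc >= ToleranceEndsUtc) return false;

        // 3. Run the normal chain build, relaxing only the validity-period check.
        //    AllowUnknownCertificateAuthority covers a self-signed IdP certificate;
        //    that is safe here only because step 1 already pinned the certificate.
        var chain = new X509Chain();
        chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
        chain.ChainPolicy.VerificationTime = nowUtc;
        chain.ChainPolicy.VerificationFlags =
            X509VerificationFlags.IgnoreNotTimeValid |
            X509VerificationFlags.AllowUnknownCertificateAuthority;
        return chain.Build(certificate);
    }
}
```

Calling IsAcceptable(cert, DateTime.UtcNow) returns false for any certificate other than the pinned one, so a substituted signing certificate is still rejected while the known expired one is accepted until the cutoff.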