Hi I am getting the error message Failed to generate signature in the InitiateSSO method whe using SP initiated SAML SSO. I see on other threads that some get simliar messages stating about encryption etc - but this does not give any further information. If I set SignAuthnRequest=“false”, it hen goes to the IdP as expected (then I get different errors). Is it possible that the pfx file has not been generated in a particular way (this all worked when using your example certificate files).
[quote][/quote]
Hi I am getting the error message Failed to generate signature in the InitiateSSO method whe using SP initiated SAML SSO. I see on other threads that some get simliar messages stating about encryption etc - but this does not give any further information. If I set SignAuthnRequest="false", it hen goes to the IdP as expected (then I get different errors). Is it possible that the pfx file has not been generated in a particular way (this all worked when using your example certificate files).
After enabling the trace it did talk about Invalid algorithm specified.
I added the code
var x509Certificate = new X509Certificate2("XXX.pfx", "XXXXX", X509KeyStorageFlags.Exportable);
and got the results to my debug window. SOme of the results are as follows
[Signature Algorithm]
sha256RSA(1.2.840.113549.1.1.11)
Algorithm: RSA
Length: 2048
Provider Name: Microsoft Enhanced Cryptographic Provider v1.0
Provider type: 1
Thanks for including the certificate details. The cryptographic service provider type 1 doesn’t support SHA-256 signatures.
You can use openssl to convert the PFX to specify a type 24 cryptographic service provider.
More information may be found at:
http://www.componentspace.com/Forums/1578/SHA256-and-Converting-the-Cryptographic-Service-Provider-Type