Failed to generate the XML signature. ---> System.Security.Cryptography.CryptographicException: Invalid algorithm specified.

We recently upgraded to v2.6.0.19 and now we are getting the following error on the Identity Provider when calling SamlIdentityProvider.InitiateSSO:


Failed to generate the XML signature. ---> System.Security.Cryptography.CryptographicException: Invalid algorithm specified.

I tried following the instructions in other threads on the same error, but I’m not sure my issue is the same. The others seem to be an issue when the certificate signature algorithm is SHA256, whereas the signature algorithm on my certificate is listed as sha1RSA.

Here is a dump from my cert.ToString(true) method call:

Key Store : Machine
Provider Name: Microsoft Enhanced RSA and AES Cryptographic Provider
Provider Type : 24
Key Spec: Exchange
Key Container Name: {omitted}
Unique key container Name : {omitted}
Hardware Device: False
Removable: False
Protected: False





[quote]
aheho - 3/13/2017
It seems to be an issue with the server. I have the same certificate with private key working on another site running on Windows Server 2008 R2. However, if I use that same certificate on Windows Server 2012 R2, I get the invalid algorithm error.




[/quote]


The provider name and type are correct for supporting SHA-256 signatures so that isn’t the issue.
Please note that the signature algorithm listed in the certificate’s properties refers to the algorithm used by the certificate issuer to sign the certificate.
This isn’t related to whether or not the certificate may be used for generating SHA-256 signatures.
Are you using the .NET 4.0 version of the ComponentSpace.SAML2 DLL?
You’ll find this in C:\Program Files (x86)\ComponentSpace SAML v2.0 for .NET\Bin\dotNET40.
Do you get the same error if you use the idp.pfx that we ship?
Please enable SAML trace and send the generated log file as an email attachment to support@componentspace.com.
http://www.componentspace.com/Forums/17/Enabing-SAML-Trace
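
The distinction drawn in the reply above (the issuer's signature algorithm versus the CSP that holds the private key) can be checked directly on the affected server. The following is an added example, not code from the thread or from ComponentSpace; it assumes .NET Framework, a certificate in the LocalMachine\My store, and a thumbprint passed on the command line (the class name is hypothetical).

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;

class CertSha256Check   // hypothetical name, added example
{
    static int Main(string[] args)
    {
        if (args.Length != 1)
        {
            Console.Error.WriteLine("usage: CertSha256Check <thumbprint>");
            return 2;
        }
        var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
        store.Open(OpenFlags.ReadOnly);
        try
        {
            var found = store.Certificates.Find(X509FindType.FindByThumbprint, args[0], false);
            if (found.Count == 0)
            {
                Console.Error.WriteLine("Certificate not found in LocalMachine\\My.");
                return 2;
            }
            X509Certificate2 cert = found[0];
            // Algorithm the issuer used to sign the certificate (e.g. sha1RSA).
            // It says nothing about what the private key can sign with.
            Console.WriteLine("Issuer signature algorithm: " + cert.SignatureAlgorithm.FriendlyName);

            // Throws CryptographicException if the process cannot open the key container.
            var rsa = cert.PrivateKey as RSACryptoServiceProvider;
            if (rsa == null)
            {
                Console.Error.WriteLine("No RSA private key reachable through a CSP.");
                return 2;
            }
            // Provider type 24 (PROV_RSA_AES) is the value shown in the dump above.
            CspKeyContainerInfo info = rsa.CspKeyContainerInfo;
            Console.WriteLine("Provider: {0} (type {1}), key spec: {2}",
                info.ProviderName, info.ProviderType, info.KeyNumber);

            // Attempt a SHA-256 signature with this key on this machine.
            rsa.SignData(Encoding.UTF8.GetBytes("probe"), "SHA256");
            Console.WriteLine("SHA-256 signing succeeded.");
            return 0;
        }
        catch (CryptographicException ex)
        {
            Console.Error.WriteLine("SHA-256 signing failed: " + ex.Message);
            return 1;
        }
        finally { store.Close(); }
    }
}
```

Running it under the same account as the web application on both servers shows whether the key is bound to the same provider on each and whether the failure reproduces outside the SAML component.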