Hi ,
I get the following error when trying to verify the Certificate
ComponentSpace.SAML2.SAMLSignatureException: Failed to verify the XML signature. —> System.Security.Cryptography.CryptographicException: SignatureDescription could not be created for the signature algorithm supplied
I am verifying the SAMLResponse with the certificate with the below code.
if (trustedCerts.Any(x => SAMLAssertionSignature.Verify(samlResponseXml, x)))
here trustedCerts contains a list of certificates
The tricky part is that this works for the SAML Response coming from one application , but does not for another.
I have attached the saml responses(the working response and the not_working response) as well.
Not sure what exactly is wrong. Any help would be much appreciated.
Thanks & Regards
Roby
Hi Roby
The working SAML response is signed using SHA-1 whereas the not-working SAML response is signed using SHA-256.
Support for SHA-256 signatures requires v2.6.0.8 or later of the product as well as using the .NET 4 version of the SAML2 DLL.
If you’re using an earlier version, please contact us with the details to discuss upgrading to the latest version.
If you’re using a later version, please enable SAML trace and email the generated log file mentioning your forum post.
http://www.componentspace.com/Forums/17/Enabing-SAML-Trace