Reloading SAML configuration programmatically does not load the certificates

Hello,
We have the possibility in our system to add new SPs dynamically.
When we do that we reload the SAMLConfiguration file.

Unfortunately we get an error when trying to log in:

Unable to perform SSO request: An X.509 signature certificate for the partner service provider hasn’t been configured.

If I recycle the IIS pools, I can log in successfully.

Our version: ComponentSpace.SAML2, Version=2.6.0.15
Our simplified code to reload:

var samlConfiguration = new SAMLConfiguration();
// Fill samlConfiguration
SAMLController.Configuration = samlConfiguration;

In the SAML logs I see the SPs being loaded and cached:

Loading the X.509 certificate from the file …
The X.509 certificate with subject name xxx and serial number xxx has been loaded.
Caching the signature certificate for the default configuration partner service provider
Caching the encryption certificate for the default configuration partner service provider
The configured X.509 certificates have been successfully loaded.


But when updating the configuration during runtime, I only get:

The SAML configuration has been set.

And when trying to access the app I get the above error (X.509 signature not configured).

Am I missing something?

I have seen some .NET Core related code to reload the configuration, but I don’t see it in our ASP.NET version.

In this earlier release we’re not updating the certificate manager with the new SAML configuration.
After setting the new SAML configuration, please try the following.


using ComponentSpace.SAML2.Certificates;

SAMLController.CertificateManager = new CertificateManager(SAMLController.Configurations);



If there’s still an issue, please send the complete SAML log file as an email attachment to support@componentspace.com mentioning your forum post.

Note that for more recent releases this isn’t an issue as the certificate manager makes a call back to get the current SAML configuration.

[quote]
ComponentSpace - 9/11/2019
In this earlier release we're not updating the certificate manager with the new SAML configuration.
After setting the new SAML configuration, please try the following.


using ComponentSpace.SAML2.Certificates;

SAMLController.CertificateManager = new CertificateManager(SAMLController.Configurations);



If there's still an issue, please send the complete SAML log file as an email attachment to support@componentspace.com mentioning your forum post.

Note that for more recent releases this isn't an issue as the certificate manager makes a call back to get the current SAML configuration.
[/quote]

Thanks a lot for your answer, this indeed fixed my issue!

Have a nice day :)

You’re very welcome.