When I call “initiateSloAsync”, I get an error stating that a local service provider certificate is not configured or has expired. See the configuration below. The certificates are from the example app, and the files exist in the folder. Is there something that I am missing? Thanks!
{
“Name”:null,
“LocalIdentityProviderConfiguration”:null,
“LocalServiceProviderConfiguration”:{
“AssertionConsumerServiceUrl”:“https://localhost:44335/Saml/AssertionConsumerService”,
“DisableSchemaCheck”:false,
“ResolveToHttps”:true,
“SingleLogoutServiceUrl”:null,
“ArtifactResolutionServiceUrl”:null,
“Name”:“https://localhost:44335/”,
“Description”:null,
“LocalCertificates”:[
{
“Use”:null,
“String”:null,
“FileName”:“Certificates\sp.pfx”,
“Password”:“password”,
“StoreName”:null,
“StoreLocation”:null,
“SerialNumber”:null,
“Thumbprint”:null,
“SubjectName”:null,
“Key”:null
}
]
},
“PartnerIdentityProviderConfigurations”:[
{
“SingleSignOnServiceUrl”:“https://localhost:44363/SAML/SingleSignOnService”,
“SingleSignOnServiceBinding”:“urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST”,
“SignAuthnRequest”:true,
“ForceAuthn”:false,
“WantAssertionOrResponseSigned”:true,
“WantSamlResponseSigned”:false,
“WantAssertionSigned”:false,
“WantAssertionEncrypted”:false,
“WantNameIDEncrypted”:false,
“ProviderName”:null,
“RequestedAuthnContexts”:null,
“RequestedAuthnContextComparison”:null,
“ExpectedAuthnContext”:null,
“DisableIdPInitiatedSso”:false,
“DisableAssertionReplayCheck”:false,
“DisableRecipientCheck”:false,
“DisableAudienceRestrictionCheck”:false,
“DisableAuthnContextCheck”:false,
“PartnerCertificates”:[
{
“Use”:null,
“String”:null,
“FileName”:“Certificates\idp.cer”,
“Password”:null,
“StoreName”:null,
“StoreLocation”:null,
“SerialNumber”:null,
“Thumbprint”:null,
“SubjectName”:null,
“Key”:null
}
],
“AssertionConsumerServiceBinding”:“urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST”,
“SingleLogoutServiceUrl”:“https://localhost:44363/SAML/SingleLogoutService”,
“SingleLogoutServiceResponseUrl”:null,
“SingleLogoutServiceBinding”:“urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST”,
“ArtifactResolutionServiceUrl”:null,
“ArtifactEncoding”:“Url”,
“LogoutRequestLifeTime”:“00:03:00”,
“SignLogoutRequest”:true,
“SignLogoutResponse”:true,
“WantLogoutRequestSigned”:true,
“WantLogoutResponseSigned”:true,
“SignArtifactResolve”:false,
“SignArtifactResponse”:false,
“WantArtifactResolveSigned”:false,
“WantArtifactResponseSigned”:false,
“EncryptLogoutNameID”:false,
“IssuerFormat”:null,
“IssuerQualifier”:null,
“NameIDFormat”:null,
“NameIDQualifier”:null,
“DigestAlgorithm”:“ xmldsig-more namespace ”,
“SignatureAlgorithm”:“ xmldsig-more namespace ”,
“WantDigestAlgorithm”:null,
“WantSignatureAlgorithm”:null,
“KeyEncryptionAlgorithm”:“ XML Encryption Syntax and Processing ”,
“KeyEncryptionDigestAlgorithm”:null,
“KeyEncryptionMaskGenerationFunction”:null,
“DataEncryptionAlgorithm”:“ XML Encryption Syntax and Processing ”,
“ClockSkew”:“00:03:00”,
“UseEmbeddedCertificate”:false,
“EnableSha1Support”:false,
“DisableDestinationCheck”:false,
“DisableTimePeriodCheck”:false,
“DisableInboundLogout”:false,
“DisableOutboundLogout”:false,
“DisableInResponseToCheck”:true,
“DisablePendingLogoutCheck”:false,
“DisableLogoutResponseStatusCheck”:false,
“DisableClearAllSessionsOnLogout”:false,
“MappingRules”:null,
“Name”:“https://localhost:44363”,
“Description”:“”,
“LocalCertificates”:null
}
],
“PartnerServiceProviderConfigurations”:null
}
There shouldn’t be any issues with the test certificates we include with the example projects.
Please enable SAML trace and send the generated log file as an email attachment to support@componentspace.com, mentioning your forum post. The log should have more details about the error.