The X.509 certificate could not be loaded from the file

aftabj · January 28, 2019, 8:58am

I used openssl to create the private and public key files and used a password for the private file. It generated two files ca.key and cas.pem, I used the ca.key file as the private key but I am getting this error
Additional information: The X.509 certificate could not be loaded from the file D:\Test Web Projects\TestSaml\TestSaml\Certificates\ca.key. Please help

My users login to my mvc application the login process has nothing to do with SAML. I just check the users against my DB. The reason I am using SAML2.0 is because I need to direct my users for payment process to another external page which is my service provider. So once they click on a button on my page they should be redirected to the other website. The following is the sample code I built to verify if its working. Kindly help me with this.

Web.config

<?xml version="1.0" encoding="utf-8"?>

<add key=“TargetURL” value=“”>https://btat2.paybill.com/consumer/SSO/SSOLogin?clientId=ReadyCapital"/>

<system.web>

</system.web>

Saml.config

<?xml version="1.0"?>

<IdentityProvider Name=“<a href=“https://TestSaml””>https://TestSaml"
Description=“Test Identity Provider”
LocalCertificateFile=“Certificates\ca.key”
LocalCertificatePassword=“readycapital”/>

<PartnerServiceProvider Name=“urn:oasis:names:tc:SAML:2.0:assertion”
Description=“MVC Example Service Provider”
SignSAMLResponse=“true”
SignAssertion=“false”
EncryptAssertion=“true”
AssertionConsumerServiceUrl="<a href=“http://www.paybill.com/V2/Test/Login.aspx” “>http://www.paybill.com/V2/Test/Login.aspx”
PartnerCertificateFile=“Certificates\btat2.cert”/>

Controller
public ActionResult Index(Profile profile)
{
string targetUrl = WebConfigurationManager.AppSettings[“TargetURL”];
string userName = “00373219101”;// WebConfigurationManager.AppSettings[“SubjectName”];
SAMLAttribute[] attributes = new SAMLAttribute[2];
SAMLAttribute attribute = new SAMLAttribute(“UserEmailAddress”, SAMLIdentifiers.AttributeNameFormats.Unspecified, null, string.Empty);
attributes[0] = attribute;

SAMLAttribute attribute2 = new SAMLAttribute(“MiscellaneousData”, SAMLIdentifiers.AttributeNameFormats.Unspecified, null, string.Empty);
attributes[1] = attribute2;

SAMLIdentityProvider.InitiateSSO(Response, userName, attributes, targetUrl);
}

ComponentSpace · January 28, 2019, 2:20pm

The underlying Windows API doesn’t support .key files.
Instead, you should convert this to a .pfx file.
This can be done using openssl.
https://www.ssl.com/how-to/create-a-pfx-p12-certificate-file-using-openssl/