We are trying ComponentSpace for SAML 2.0 integration. We were able to successfully run the example projects (web forms) for SP-initiated SAML. Tried integrations with Okta and OneLogin and had no issues.
When we try to use the same approach in our application, we receive an error while processing "SAMLServiceProvider.ReceiveSSO" from the IdP (Okta): "Exception: ComponentSpace.SAML2.Exceptions.SAMLCertificateException: The X.509 certificate could not be loaded..."
The InitiateSSO is happening successfully, but we are seeing an issue loading okta.cer from the Certificates folder within the project.
Any help troubleshooting this would be appreciated. Thanks!
=================================================================================================
<?xml version="1.0"?>
<ServiceProvider Name="https://localhost:8001"
    Description="SagesGov App"
    AssertionConsumerServiceUrl="~/Handler/SamlAssertionConsumerService.ashx"
    LocalCertificateFile="Certificates\sp.pfx"
    LocalCertificatePassword="password"/>
<PartnerIdentityProvider Name="http://www.okta.com/exk1p2pgmpZtSaJh8357"
    Description="Okta"
    SignAuthnRequest="false"
    WantAssertionSigned="false"
    SignLogoutRequest="true"
    SignLogoutResponse="true"
    WantLogoutRequestSigned="true"
    SingleSignOnServiceUrl="https://dev-398373.okta.com/app/sagesnetworksdev398373_sagesgovsaml_1/exk1p2pgmpZtSaJh8357/sso/saml"
    SingleLogoutServiceUrl="https://dev-398373.okta.com/app/sagesnetworksdev398373_sagesgovsaml_1/exk1p2pgmpZtSaJh8357/slo/saml"
    PartnerCertificateFile="Certificates\okta.cer"/>
========NOTE====================
Tried both true and false for the settings below; the same error message is seen in both cases:
SignAuthnRequest="false"
WantAssertionSigned="false"
===========================
ComponentSpace.SAML2 Verbose: 0 : 11108/30: 10/30/2019 12:46:10 PM: Verifying the SAML response signature.
ComponentSpace.SAML2 Verbose: 0 : 11108/30: 10/30/2019 12:46:10 PM: Retrieving the signature certificates for the partner identity provider http://www.okta.com/exk1p2pgmpZtSaJh8357.
ComponentSpace.SAML2 Verbose: 0 : 11108/30: 10/30/2019 12:46:10 PM: Loading the X.509 certificate from the file C:\Users\Karun\Downloads\Teton\src\Teton.Web\Certificates\okta.cer.
ComponentSpace.SAML2 Verbose: 0 : 11108/30: 10/30/2019 12:46:10 PM: Exception: ComponentSpace.SAML2.Exceptions.SAMLCertificateException: The X.509 certificate could not be loaded from the file C:\Users\Karun\Downloads\Teton\src\Teton.Web\Certificates\okta.cer. ---> System.Security.Cryptography.CryptographicException: Cannot find the requested object.
at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr)
at System.Security.Cryptography.X509Certificates.X509Utils._QueryCertFileType(String fileName)
at System.Security.Cryptography.X509Certificates.X509Certificate.LoadCertificateFromFile(String fileName, Object password, X509KeyStorageFlags keyStorageFlags)
at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags)
at ComponentSpace.SAML2.Certificates.CertificateLoader.LoadCertificateFromFile(String certificateFile, String certificatePassword)
--- End of inner exception stack trace ---
ComponentSpace.SAML2 Verbose: 0 : 11108/30: 10/30/2019 12:46:10 PM: at ComponentSpace.SAML2.Certificates.CertificateLoader.LoadCertificateFromFile(String certificateFile, String certificatePassword)
at ComponentSpace.SAML2.Certificates.CachedCertificateLoader.LoadCertificateFromFile(String certificateFile, String certificatePassword)
at ComponentSpace.SAML2.Certificates.CertificateManager.LoadCertificate(String certificateString, String certificateKey, String certificateFile, String certificatePassword, String certificatePasswordKey, StoreLocation storeLocation, StoreName storeName, String certificateSerialNumber, String certificateThumbprint, String certificateSubject)
at ComponentSpace.SAML2.Certificates.CertificateManager.LoadPartnerCertificate(PartnerProviderConfiguration partnerProviderConfiguration)
at ComponentSpace.SAML2.Certificates.CertificateManager.GetPartnerIdentityProviderSignatureCertificates(String configurationID, String partnerIdentityProviderName)
at ComponentSpace.SAML2.InternalSAMLServiceProvider.GetPartnerProviderSignatureCertificates()
at ComponentSpace.SAML2.InternalSAMLServiceProvider.VerifySAMLResponseSignature(XmlElement samlResponseElement)
at ComponentSpace.SAML2.InternalSAMLServiceProvider.ProcessSAMLResponse(XmlElement samlResponseElement, Boolean& isInResponseTo, String& authnContext, String& userName, SAMLAttribute[]& attributes)
at ComponentSpace.SAML2.InternalSAMLServiceProvider.ReceiveSSO(HttpRequest httpRequest, Boolean& isInResponseTo, String& partnerIdP, String& authnContext, String& userName, SAMLAttribute[]& attributes, String& relayState)
at ComponentSpace.SAML2.SAMLServiceProvider.ReceiveSSO(HttpRequest httpRequest, Boolean& isInResponseTo, String& partnerIdP, String& authnContext, String& userName, IDictionary& attributes, String& relayState)
at Teton.Web.Handler.SamlAssertionConsumerService.ProcessRequest(HttpContext context) in C:\Users\Karun\Downloads\Teton\src\Teton.Web\Handler\SamlAssertionConsumerService.ashx.cs:line 47
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStepImpl(IExecutionStep step)
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
at System.Web.HttpApplication.PipelineStepManager.ResumeSteps(Exception error)
at System.Web.HttpApplication.BeginProcessRequestNotification(HttpContext context, AsyncCallback cb)
at System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context)
at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)
at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)
at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus)
at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)
at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)
Exception thrown: 'ComponentSpace.SAML2.Exceptions.SAMLCertificateException' in ComponentSpace.SAML2.dll
=========================================================================================================================================================
Okta (IdP) SAML config:
It looks like there’s an issue with the okta.cer file. From File Explorer, double click on the okta.cer file and confirm that it opens as a certificate file. If it doesn’t, try downloading the certificate from Okta again. Let us know if there’s still an issue.
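The check the reply above describes (does the file actually contain a certificate?) can be scripted so it runs before the assertion consumer service ever sees a response. The following is an added example for this thread, not ComponentSpace's or Okta's code; it uses only the Python standard library. It reports whether a file is DER, PEM, a saved HTML page, or something else, and for a real certificate prints the SHA-1 fingerprint (what the Windows certificate viewer shows as Thumbprint) and SHA-256 fingerprint so they can be compared with the certificate the IdP is really signing with. The "Cannot find the requested object" inner exception in the trace above is what the .NET loader reports when the bytes are not a recognisable certificate, which is exactly what this pre-check catches. The sample inputs at the bottom are constructed for the self-test (a minimal SEQUENCE-shaped blob, not a real certificate). One caveat worth stating: the partner certificate is what authenticates Okta's signature on the SAML response, so the fix for this error is a valid certificate file, never loosening the signing requirements in the configuration.

```python
"""Pre-flight check for a SAML partner certificate file such as okta.cer.

Added example for this thread, not ComponentSpace code. Standard library only.
"""
import base64
import hashlib
import re

PEM_CERT_RE = re.compile(
    rb"-----BEGIN CERTIFICATE-----\s*(.*?)\s*-----END CERTIFICATE-----", re.S
)


def _der_length(buf: bytes, pos: int):
    """Decode the DER length field at buf[pos]; return (length, offset after it)."""
    first = buf[pos]
    if first < 0x80:                      # short form
        return first, pos + 1
    nbytes = first & 0x7F                 # long form: number of length bytes
    if nbytes == 0 or nbytes > 4 or pos + 1 + nbytes > len(buf):
        raise ValueError("malformed DER length field")
    return int.from_bytes(buf[pos + 1:pos + 1 + nbytes], "big"), pos + 1 + nbytes


def check_der_certificate(der: bytes) -> None:
    """Raise ValueError unless der has the outer shape of one X.509 Certificate.

    Certificate ::= SEQUENCE { tbsCertificate SEQUENCE, signatureAlgorithm
    SEQUENCE, signatureValue BIT STRING }. Only the outer framing is checked;
    full parsing is left to the platform's certificate loader.
    """
    if len(der) < 2 or der[0] != 0x30:
        raise ValueError("does not start with a DER SEQUENCE tag (0x30)")
    length, body = _der_length(der, 1)
    if length == 0 or body + length != len(der):
        raise ValueError(
            f"outer SEQUENCE claims {length} bytes but {len(der) - body} follow"
        )
    if der[body] != 0x30:
        raise ValueError("first element is not a SEQUENCE (expected tbsCertificate)")


def _found(kind: str, der: bytes) -> dict:
    # SHA-1 over the DER bytes is what the Windows certificate viewer shows as Thumbprint.
    return {
        "kind": kind,
        "detail": f"{len(der)}-byte DER certificate",
        "sha1": hashlib.sha1(der).hexdigest().upper(),
        "sha256": hashlib.sha256(der).hexdigest().upper(),
    }


def classify_certificate_file(data: bytes) -> dict:
    """Classify raw file bytes as 'der', 'pem', 'pem-other', 'html', 'empty' or 'unknown'."""
    if data.startswith(b"\xef\xbb\xbf"):  # UTF-8 BOM left by some editors
        data = data[3:]
    if not data.strip():
        return {"kind": "empty", "detail": "file is empty"}
    head = data[:512].lower()
    if b"<!doctype html" in head or b"<html" in head:
        return {"kind": "html",
                "detail": "HTML page (a sign-in or error page was saved instead of the certificate)"}
    m = PEM_CERT_RE.search(data)
    if m:
        try:
            der = base64.b64decode(m.group(1))  # newlines inside the body are ignored
            check_der_certificate(der)
        except ValueError as exc:             # binascii.Error is a ValueError
            return {"kind": "unknown", "detail": f"PEM CERTIFICATE block present but invalid: {exc}"}
        return _found("pem", der)
    if data.lstrip().startswith(b"-----BEGIN"):
        label = data.lstrip().split(b"\n", 1)[0].decode("ascii", "replace").strip()
        return {"kind": "pem-other", "detail": f"PEM block of another type: {label}"}
    try:
        check_der_certificate(data)
    except ValueError as exc:
        return {"kind": "unknown", "detail": str(exc)}
    return _found("der", data)


def check_certificate_file(path: str) -> dict:
    """Read and classify a certificate file on disk (e.g. Certificates\\okta.cer)."""
    with open(path, "rb") as fh:
        return classify_certificate_file(fh.read())


# Constructed sample inputs for the self-test; the DER blob is a minimal
# SEQUENCE { SEQUENCE { NULL } } with the outer shape of a Certificate, not a real one.
SAMPLE_DER = bytes.fromhex("300430020500")
SAMPLE_PEM = (b"-----BEGIN CERTIFICATE-----\n" + base64.encodebytes(SAMPLE_DER)
              + b"-----END CERTIFICATE-----\n")
SAMPLE_HTML = b"<!DOCTYPE html><html><head><title>Sign in</title></head></html>"

if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        print(path, check_certificate_file(path))
```

Run it as `python check_cert.py Certificates\okta.cer` from the web project directory. A result of `html`, `pem-other` or `unknown` means the download, not the SAML configuration, is the problem; compare the reported SHA-1 against the thumbprint of the certificate Okta shows for the application before putting the file back under Certificates.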
I have tried opening the file and saw this error message:
Replaced it with the certificate from Okta and it works fine. Appreciate your quick response.
Thanks!!
You’re welcome.