I received a *.jks (java key store file) from our client. We are a microsoft shop. I used keytool and converted *.jks into *.pkcs12 file.
When I use this certificate to sign saml response I get this error message.
Unable to cast object of type ‘System.Security.Cryptography.DSACryptoServiceProvider’ to type ‘System.Security.Cryptography.RSA’
Here is my code snippet:
X509Certificate2Collection coll = myStore.Certificates.Find(X509FindType.FindByThumbprint, certThumbprint, false);
X509Certificate2 cert = coll[0];
SAMLMessageSignature.Generate(samlResponseXml, cert.PrivateKey, cert); //error occur here
When I debug, I see cert.PrivateKey as DSACryptoProvider type.
When I use a different certificate (the one we have for our development), I see cert.PrivateKey as RSACryptoProvider.
Am I missing any arguments to SAMLMessageSignature.Generate to let it know that I am passing a certificate whose privatekey is DSACryptoProvider type?
I’m not sure if this is a limitation in our code or the underlying APIs we call. Nearly all of our customers are using RSA.
Please enable SAML trace and send the generated log file as an email attachment to support@componentspace.com mentioning your forum post.
Also include the full stack trace - ie Exception.ToString().
Thanks.
[quote][/quote]
I'm not sure if this is a limitation in our code or the underlying APIs we call. Nearly all of our customers are using RSA.
Please enable SAML trace and send the generated log file as an email attachment to support@componentspace.com mentioning your forum post.
Also include the full stack trace - ie Exception.ToString().
Thanks.
Please enable SAML trace and send the generated log file as an email attachment to support@componentspace.com mentioning your forum post.
Also include the full stack trace - ie Exception.ToString().
Thanks.
Hello,
Thank you for your response, yes, this is caused due to the underlying .net call that you make, we contacted our client and got the RSA cert and got the calls working.
Great. Thanks for the update.