SimpleSAMLphp Unable to validate Signature error
SimpleSAML_Error_Error: UNHANDLEDEXCEPTION
Backtrace:
0 simplesamlphp/www/module.php:189 (N/A)
Caused by: Exception: Unable to validate Signature
Backtrace:
6 simplesamlphp/lib/SAML2/Utils.php:149 (SAML2_Utils::validateSignature)
5 simplesamlphp/lib/SAML2/Assertion.php:494 (SAML2_Assertion::validate)
4 simplesamlphp/modules/saml/lib/Message.php:185 (sspmod_saml_Message::checkSign)
3 simplesamlphp/modules/saml/lib/Message.php:560 (sspmod_saml_Message::processAssertion)
2 simplesamlphp/modules/saml/lib/Message.php:532 (sspmod_saml_Message::processResponse)
1 simplesamlphp/modules/saml/www/sp/saml2-acs.php:81 (require)
0 simplesamlphp/www/module.php:144 (N/A)
I'm getting an error when logging into a site running SimpleSAMLphp. This started when the SSL cert on the server expired, but it has since been updated to a new valid certificate. I assumed this would rectify the error, but as you can see, it did not.
I've been unable to find anyone else having the same problem so I must be missing something obvious.
Answer
- Get new metadata from Identity Provider.
- Update that metadata in Service Provider side.
Some times the certificate on identity provider get expired/renewed but SP still has the old one.
This is one possible scenario for this error, which I faced and fixed it by updating metadata.