Forum Discussion

CX_280703
Nov 28, 2016
Solved

Error Encrypting a SAML Assertion from APM

Running F5 APM as an IdP, I am trying to encrypt a SAML assertion using a third-party certificate; however, I get an error in the APM logs along the lines of the following:

SSOv2 SAML configuration: SAML_RES=/Common/mySAML&SAML_RES_LIST=/Common/mySAML&SAML_SSO=
SSOv2 SAML Resource from configuration: /Common/mySAML
SSOv2 Using SAML SP Connector /Common/mySAML from SAML SSO
SSOv2 Error creating EncryptedData element - cannot use SP certificate: /Common/TEST_Cert.crt
SSOv2 Error creating encrypted assertion -
SSOv2 Error(12) creating encrypted SAML assertion
SSOv2 plugin error(12) in sso/sso.c:428

The certificate is a self-signed certificate:

DSA
2048 bit

I have tried another RSA certificate and have no issues encrypting the assertion, only issues from this one, and the fact that it's a DSA is the only thing I can see that is really different. Any thoughts on why this certificate would fail, or how to get more info?

Thanks
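
A way to check the key type of an SP certificate before selecting it for assertion encryption, as an added example (not code from this thread or from F5). It relies on the fact that DSA is a signature-only algorithm, so a DSA public key cannot wrap a content-encryption key the way an RSA key does in XML Encryption key transport. The function names and the certificate skeleton are constructed for illustration.

```python
import base64

RSA = bytes.fromhex("2a864886f70d010101")  # 1.2.840.113549.1.1.1 rsaEncryption
DSA = bytes.fromhex("2a8648ce380401")      # 1.2.840.10040.4.1 id-dsa (sign only)
KEY_TYPES = {RSA: ("RSA", True), DSA: ("DSA", False)}  # name, can key-transport

def read_tlv(buf, pos):
    """Return (tag, value_start, value_end) for the DER element at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits = number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, pos, pos + length

def key_algorithm_oid(der):
    """Walk Certificate -> TBSCertificate -> SubjectPublicKeyInfo -> OID."""
    _, pos, _ = read_tlv(der, 0)        # Certificate
    _, pos, _ = read_tlv(der, pos)      # TBSCertificate
    tag, _, end = read_tlv(der, pos)
    pos = end if tag == 0xA0 else pos   # skip the optional [0] version
    for _field in range(5):  # serial, signature, issuer, validity, subject
        _, _, pos = read_tlv(der, pos)
    _, pos, _ = read_tlv(der, pos)      # SubjectPublicKeyInfo
    _, pos, _ = read_tlv(der, pos)      # AlgorithmIdentifier
    tag, start, end = read_tlv(der, pos)
    if tag != 0x06:
        raise ValueError("not an X.509 certificate")
    return der[start:end]

def check_encryption_cert(data):
    """Return (key type, usable for RSA key transport) for a PEM or DER cert."""
    if data.lstrip().startswith(b"-----BEGIN"):
        data = base64.b64decode(b"".join(
            l for l in data.splitlines() if not l.startswith(b"-----")))
    return KEY_TYPES.get(key_algorithm_oid(data), ("other", False))

# Constructed sample: minimal DER encoder and an unsigned certificate skeleton.
def tlv(tag, *parts):
    body = b"".join(parts)
    size = len(body).to_bytes((len(body).bit_length() + 7) // 8 or 1, "big")
    head = size if len(body) < 0x80 else bytes([0x80 | len(size)]) + size
    return bytes([tag]) + head + body

def sample_cert(oid):
    alg = tlv(0x30, tlv(0x06, oid))
    tbs = tlv(0x30, tlv(0xA0, tlv(0x02, b"\x02")), tlv(0x02, b"\x01"), alg,
              tlv(0x30), tlv(0x30), tlv(0x30), tlv(0x30, alg, tlv(0x03, bytes(257))))
    return tlv(0x30, tbs, alg, tlv(0x03, b"\x00"))

if __name__ == "__main__":
    print([check_encryption_cert(sample_cert(o)) for o in (RSA, DSA)])
```

On a real certificate file, pass its bytes to `check_encryption_cert`; a result of `("DSA", False)` means the certificate can verify signatures but cannot be the recipient key for an encrypted assertion.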

 

2 Replies