Problems with IdP Automation

Question

We have been trying for a while to get the IdP Automation to work. The Metadata URL is accessible by BIG-IP, we have verified that using curl in an SSH terminal.
Every time BIG-IP wants to update/create the IdP, the following error message is written to the saml_automation.log file:&nbsp;
Error in create/modify of idp connector /Common/[IdP-name-based-on-config] Error: result { result_code 17237778 result_message "01070712:3: apm aaa saml-idp-connector /Common/[IdP-name-based-on-config] unable to parse metadata file /tmp/testout.xml" }&nbsp;
The following error message is written to the LTM log:&nbsp;
f5 err mcpd[4958]: 01070712:3: Caught configuration exception (0), apm aaa saml-idp-connector /Common/[IdP-name-based-on-config] unable e to parse metadata file /tmp/testout.xml.&nbsp;
Unfortunately the file /tmp/testout.xml does not exist. During the update process another file, /tmp/xml_meta.xml, is created but it gets immediately deleted.&nbsp;
Has anyone seen this behaviour before and managed to solve it?&nbsp;

peter_baumann_5 · Answer

Same problem here with v12.1.2 HF2:
Dec  1 11:26:40 f5-01 err mcpd[6777]: 01070712:3: Caught configuration exception (0), apm aaa saml-sp-connector saml_sp_spname unable to parse metadata file /var/tmp/1512123983004.upload.
SAML-SP Metadata is from Univention (UCS).

Forum Discussion

Problems with IdP Automation

1 Reply

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

Automate Let's Encrypt Certificates on BIG-IP

Automating ACMEv2 Certificate Management on BIG-IP

Automate scp transfers using password

Prepare BIG-IP Central Manager for Automation

F5 and Cisco ACI Essentials: Automate automate automate !!!