Performing SAML 2.0 authentication fails and one of the following error messages is raised:
- "Signature validation with the configured primary certificate failed..."
- "CX_SEC_SXML_ERROR: SSFW_KRN_VERIFY failed with: Signature verification failed (for signer) or Envelope failed (for recipient)"
- "SSFW_KRN_VERIFY failed with: Signer is not known or not trusted *OR* Recipient not found"
- Caused by: CX_SAML20_CORE: Error in ST program SAML2_ASSERTION when importing XML data. Long text: Error in ST program SAML2_ASSERTION when importing XML data.
- Caused by: CX_SEC_SXML_ERROR:
SAML20 at CL_SEC_SXML_DSIGNATURE->VERIFY_XML(Line 315)
The error appears in the SAML 2.0 traces which can be collected with the Security Diagnostic tool.
- SAP enhancement package 2 for SAP NetWeaver 7.0
- SAP NetWeaver 7.3
- SAP enhancement package 1 for SAP NetWeaver 7.3
- SAP NetWeaver 7.4
- SAP NetWeaver 7.5 and higher
SAML2.0 CX_SEC_SXML_ERROR SSFW_KRN_VERIFY Signature verification validation SSFW_KRN_VERIFY failed with: Signature verification failed SAML2_DEBUG SAML2_ASSERTION , KBA , BC-SEC-LGN-SML , SAML 2.0 for ABAP , How To
About this pageThis is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).
Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.