Symptom
Application can not be reached in Neo environment through an SAML Identity Provider.
- An "HTTP Status 500 - An internal application error occurred" error is displayed on the screen after performing SSO, or the SSO process is in an infinite loop.
- The application log contains the following error:
#ERROR#Authentication failed. Reason: Signature validation of SAML2Assertion failed. com.sap.security.saml2.lib.common.SAML2Exception: Signature not valid! - The application log may contain following error instead:
Caused by: com.sap.security.saml2.sp.sso.exception.BadCredentialsException: SAML2Response signature verification failed.
...
Caused by: com.sap.security.saml2.lib.common.SAML2Exception: Certificate is expired (Certificate NotAfter: <expired validity date>)
...
Caused by: java.security.cert.CertificateExpiredException: NotAfter: <expired validity date>
Read more...
Environment
SAP BTP, Neo environment
Product
Keywords
SAML, IDP, corporate IDP, HTTP Status 500, An internal application error occured, Authentication failed, Signature validation, SAML2Assertion failed, Caused by: com.sap.security.saml2.lib.common.SAML2Exception: Signature not valid!, CertificateExpiredException, SAML2Exception, Certificate is expired, NotAfter, CertificateExpiredException: NotAfter , KBA , scp , sap cloud platform , BC-NEO-SEC-IAM , Authentication, Authorization(Cloud Platform Neo) , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.