2976417 - SAML 2.0: "The digital signature of the received SAML2 message is invalid" for ABAP authentication

Symptom

While performing a SAML 2.0 authentication to ABAP system, it fails.
The following information can be verified in 'Incoming Response' of ABAP SAML Traces:

N SAML20 <Status>
N SAML20 <StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Requester"/>
N SAML20 <StatusMessage>The digital signature of the received SAML2 message
N SAML20 is invalid.</StatusMessage>
N SAML20 </Status>

More information regarding the Security Diagnostic Tool for ABAP can be found in KBA 2960670.

Environment

SAP Netweaver AS ABAP 7.02
SAP Netweaver AS ABAP 7.30
SAP Netweaver AS ABAP 7.31
SAP Netweaver AS ABAP 7.40
SAP Netweaver AS ABAP 7.50 and higher

Product

SAP NetWeaver 7.3 ; SAP NetWeaver 7.4 ; SAP NetWeaver 7.5 ; SAP enhancement package 1 for SAP NetWeaver 7.3 ; SAP enhancement package 2 for SAP NetWeaver 7.0 ; SAP enhancement package 3 for SAP NetWeaver 7.0

Keywords

ABAP, SAML, SAML2, SAML 2.0, authentication, Response, fails, status code, digital signature, invalid, is invalid , KBA , BC-SEC-LGN-SML , SAML 2.0 for ABAP , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.