Symptom
-
Service provider may returns an error "User does not exist" in the browser.
-
In the IAS troubleshooting log the following error message is displayed:
Identity Provider could not process the authentication request received due to client error.
The digital signature of the received SAML2 message is invalid. Caused by: Certificate is expired (Certificate NotAfter: <date and time>) Caused by: NotAfter: <date and time> -
The SAML trace shows that the authentication request did not go to the Corporate Identity Provider and returned back to the service provider with the error message:
<StatusMessage>The digital signature of the received SAML2 message is invalid.</StatusMessage>
Read more...
Environment
Identity Authentication
Product
Keywords
SAML, certificate, expired, IAS,proxy, certificate, signing , KBA , BC-IAM-IDS , Identity Authentication Service , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.