3142425 - This key is not allowed due to the crypto policy file in use

Symptom

Changed application certificate leads to Identity Authentication service (IAS) issues. Error in the IAS Troubleshooting log:

*********************************
message=Identity Provider could not process the authentication request received due to client error. The digital signature of the received SAML2 message is invalid. Caused by: Verification failed.
Caused by: Unable to validate signature Caused by: This key is not allowed due to the crypto policy file in use. Using Unlimited Strength Jurisdiction Policy Files will fix the problem (Note: 989517). Caused by: Not an RSA key
*********************************

Environment

Identity Authentication
Release Independent

Product

Identity Authentication 1.0

Keywords

sso single-sign-on login.failed artifact JAVA Service Provider SP Identity Provider IdP Issue Instant is not valid SAP Production ABAP R/3 ERP SRM CRM ERP PPM SEM APO XI PI PORTAL Test development QA SAML 2.0 SAML2Assertion Warning saml2.sp.ResponseValidationService SAML2Assertion Service Provider SAMLREQUEST RBA, Identity federation, guided answers, SCP, platform

, KBA , BC-IAM-IDS , Identity Authentication Service , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.