/support/notes/service/sap_logo.png){kind=logo}
SAP Knowledge Base Article - PreviewSymptom
You use SAML 2.0 on NetWeaver JAVA and on the IdP side the signing certificate has changed. Therefore, the signature verification of the Response fails with errors like:
Signature validation with the configured primary certificate failed
Signiture validation of SAML2Assertion failed.
[EXCEPTION]
com.sap.security.saml2.lib.common.SAML2Exception: Verification failed.
The errors are found in trace collected with the JAVA TSHW trace log: Note:1332726 - Troubleshooting Wizard
Read more...
Environment
SAP Netweaver JAVA Systems
Product
Keywords
SAML 2.0, SAML 2.0, renew certificate, verify signature, trusted provider, primary signing certificate, secondary signing certificate, The validation of message 'Response' failed, X.509 certificate, Signiture validation of SAML2Assertion failed , KBA , BC-JAS-SEC-SML , JAVA SAML 1.1 and 2.0 , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.
/support/notes/service/facebook.svg)
/support/notes/service/twitter.svg)
/support/notes/service/youtube.svg)
/support/notes/service/linkedin.svg)
/support/notes/service/instagram2.svg)