Cisco Bug: CSCul03812 - SAML response validation fails when remote IDP has 2 signing certs

Last Modified

Nov 18, 2020

Products (1)

  • Cisco Webex Control Hub

Known Affected Releases

1.5

Description (partial)

Symptom:
When enabling SAML SSO on Cisco Unified Communications Manager, the Test SSO page test operation is unsuccessful and the enable SAML SSO operation cannot proceed.

The Test SSO page displays the following error: Error - "The signing certificate does not match what's defined in the entity metadata"

Conditions:
This issue can occur in deployments where ADFS is the chosen Identity Provider and where ADFS is configured with two Token Signing Certificates, a primary certificate and a secondary certificate.
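
To check whether a deployment meets the Conditions above, this added example (not Cisco's code and not part of the bug record) lists every signing certificate in an IdP metadata document and reports which one a SAML response's certificate matches. The metadata, the entityID and the certificate bytes are constructed placeholders; a match at an index other than 0 means the response was signed with a key that is not the first one listed.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
DS = "http://www.w3.org/2000/09/xmldsig#"
NS = {"md": MD, "ds": DS}

# Constructed stand-ins for DER certificates (not real X.509 data).
PRIMARY = base64.b64encode(b"constructed-primary-token-signing-cert").decode()
SECONDARY = base64.b64encode(b"constructed-secondary-token-signing-cert").decode()
ENCRYPTION = base64.b64encode(b"constructed-token-decrypting-cert").decode()

def _key(use, cert):
    """Build one KeyDescriptor element for the constructed sample."""
    return (f'<md:KeyDescriptor use="{use}"><ds:KeyInfo><ds:X509Data><ds:X509Certificate>'
            f'{cert}</ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor>')

# Constructed IdP metadata: one encryption key and two signing keys.
SAMPLE_METADATA = (
    f'<md:EntityDescriptor xmlns:md="{MD}" xmlns:ds="{DS}" entityID="https://idp.example.test/trust">'
    '<md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">'
    + _key("encryption", ENCRYPTION) + _key("signing", PRIMARY) + _key("signing", SECONDARY)
    + '</md:IDPSSODescriptor></md:EntityDescriptor>'
)

def fingerprint(b64_cert):
    """SHA-256 of the decoded certificate bytes; line breaks in the base64 are ignored."""
    return hashlib.sha256(base64.b64decode("".join(b64_cert.split()))).hexdigest()

def signing_fingerprints(metadata_xml):
    """Fingerprints of every IdP signing key, in document order."""
    # Operator-supplied metadata is assumed; use defusedxml for untrusted XML.
    root = ET.fromstring(metadata_xml)
    found = []
    for kd in root.findall("md:IDPSSODescriptor/md:KeyDescriptor", NS):
        if kd.get("use") in (None, "signing"):  # no 'use' attribute: key serves both purposes
            found += [fingerprint(c.text) for c in kd.findall(".//ds:X509Certificate", NS)]
    return found

def match_position(metadata_xml, response_cert_b64):
    """Index of the metadata signing key equal to the response certificate, or None."""
    fps = signing_fingerprints(metadata_xml)
    fp = fingerprint(response_cert_b64)
    return fps.index(fp) if fp in fps else None

if __name__ == "__main__":
    for name, cert in (("primary", PRIMARY), ("secondary", SECONDARY)):
        print(name, "-> signing key index", match_position(SAMPLE_METADATA, cert))
```

Run it against the IdP's exported federation metadata and the certificate carried in the failing response's signature to see which of the two Token Signing Certificates was used.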