Cisco Bug: CSCul03812 - SAML response validation fails when remote IDP has 2 signing certs
Nov 18, 2020
- Cisco Webex Control Hub
Known Affected Releases
Symptom: When enabling SAML SSO on Cisco Unified Communications Manager, the Test SSO page test operation is unsuccessful and the enable SAML SSO operation cannot proceed. The Test SSO page indicates the following error Error - "The signing certificate does not match what's defined in the entity metadata" Conditions: This issue can occur in deployments where ADFS is the chosen Identity Provider and where ADFS is configured with two Token Signing Certificates, a primary certificate and a secondary certificate.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases