Preview Tool

Cisco Bug: CSCvv04056 - When generating new certificate for SSO login to vManage started to fail

Last Modified

Oct 13, 2020

Products (1)

  • Cisco SD-WAN

Known Affected Releases


Description (partial)

since certificate with pingID was about to expire after generatin new one(which generates new metadata) customer started to received
6-Jul-2020 16:37:19,668 UTC INFO  [vManage] [DataCollectionManager] (Thread-130) || Existing device, Sync Type: DATA_SYNC, Priority Sync: false
16-Jul-2020 16:37:19,675 UTC INFO  [vManage] [MetadataManager] (default task-238) |default| Remote entity fs:bae:saml2:entityid available
16-Jul-2020 16:37:19,679 UTC INFO  [vManage] [MetadataManager] (default task-238) |default| Local entity available under alias
16-Jul-2020 16:37:19,679 UTC INFO  [vManage] [SAMLProcessingFilter] (default task-238) |default| Available Provider size: [com.viptela.vmanage.server.sso.saml.metadata.DBMetadataProvider@651c34e5, com.viptela.vmanage.server.sso.saml.metadata.DBMetadataProvider@3a28f982]
16-Jul-2020 16:37:19,681 UTC INFO  [vManage] [SAMLProcessorImpl] (default task-238) |default| Inbound saml transport: POST
16-Jul-2020 16:37:19,687 UTC WARN  [vManage] [XMLSignature] (default task-238) |default| Signature verification failed.
16-Jul-2020 16:37:19,687 UTC ERROR [vManage] [SAMLProcessingFilter] (default task-238) |default| Incoming SAML message is invalid: Validation of protocol message signature failed

when taking of new metatada and putting old it works, only new one is rejected

manage runnign 19.2.1, 
new certificate created due to this new metadata need to be upload to vMaange
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.