
Knowledge Doc: 'Signature verification failed' error when configuring SAML integration with Azure AD and SSC


Summary
During SAML integration with SSC, the following error is received:

/saml/SSO/alias/fortify_ssc [WARN] org.apache.xml.security.signature.XMLSignature - Signature verification failed

Products
Fortify Software Security Center

Environment
Fortify Software Security Center (SSC) 22.2.x

Situation
The following SAML errors are written to ssc.log for a SAML integration between Azure Active Directory and SSC:

/saml/SSO/alias/fortify_ssc [WARN] org.apache.xml.security.signature.XMLSignature - Signature verification failed.

/saml/SSO/alias/fortify_ssc [DEBUG] org.springframework.security.saml.websso.WebSSOProfileConsumerImpl - Validation of authentication statement in assertion failed, skipping org.opensaml.xml.validation.ValidationException: Signature is not trusted or invalid

Cause
The IdP (Azure) signing certificate changed, but the Azure federated metadata was not updated in SSC.

Resolution
Go to the Azure IdP and download the current Azure federated metadata.
Replace the existing metadata in SSC with it (refer to "IdP metadata location" in the SSO configuration).
Restart SSC to apply the changes and try logging in again.
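
To confirm the cause, the signing certificates in the metadata file SSC currently loads can be compared with those in the freshly downloaded Azure federated metadata. The Python script below is an added example, not part of the original article or of any Fortify or Azure tooling; the function names and the two file paths given on the command line are assumptions, and the sample metadata is constructed from placeholder bytes rather than real certificates.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
DS = "http://www.w3.org/2000/09/xmldsig#"

def signing_fingerprints(metadata_xml):
    """Return SHA-256 fingerprints of every signing certificate in SAML metadata."""
    root = ET.fromstring(metadata_xml)
    prints = set()
    for kd in root.iter("{%s}KeyDescriptor" % MD):
        # In SAML metadata a KeyDescriptor without 'use' applies to signing too.
        if kd.get("use", "signing") != "signing":
            continue
        for cert in kd.iter("{%s}X509Certificate" % DS):
            der = base64.b64decode("".join((cert.text or "").split()))
            prints.add(hashlib.sha256(der).hexdigest())
    return prints

def missing_from_ssc(ssc_metadata_xml, azure_metadata_xml):
    """Signing certificates the IdP publishes now that SSC's copy does not contain."""
    return signing_fingerprints(azure_metadata_xml) - signing_fingerprints(ssc_metadata_xml)

def sample_metadata(*cert_bytes):
    """Constructed sample: placeholder bytes stand in for DER-encoded certificates."""
    keys = "".join(
        '<md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>'
        "<ds:X509Certificate>%s</ds:X509Certificate>"
        "</ds:X509Data></ds:KeyInfo></md:KeyDescriptor>"
        % base64.b64encode(c).decode()
        for c in cert_bytes
    )
    return (
        '<md:EntityDescriptor xmlns:md="%s" xmlns:ds="%s" entityID="https://idp.example/">'
        "<md:IDPSSODescriptor>%s</md:IDPSSODescriptor></md:EntityDescriptor>"
        % (MD, DS, keys)
    )

if __name__ == "__main__":
    import sys
    # Assumed usage: script.py <metadata file SSC loads> <fresh Azure metadata file>
    with open(sys.argv[1], "rb") as ssc, open(sys.argv[2], "rb") as azure:
        stale = missing_from_ssc(ssc.read(), azure.read())
    if stale:
        print("SSC metadata is out of date; missing signing certificates (SHA-256):")
        print("\n".join(sorted(stale)))
    else:
        print("SSC metadata already contains every current signing certificate.")
```

A non-empty result means the IdP is publishing a signing certificate that SSC does not yet trust, which matches the cause described above.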


URL Name
KM000017194
