NNMi SAML Configuration with Google IdP

I am wondering if anyone has had any luck with setting NNMi (Classic) up with Google IdP SAML? I have followed the instructions, tried a few different ways and cannot get authenticated. The assertion from google appears ok, however NNMi returns an error into the log file and a 403 to the browser. I have added the Google certificate to the trust store as well and this did not help.

2024-04-30 15:01:48.420 ERROR [org.keycloak.adapters.saml.profile.webbrowsersso.WebBrowserSsoAuthenticationHandler] Failed to verify saml response signature: org.keycloak.common.VerificationException: Invalid signature on document

Tags: