Archive for the ‘uk federation’ Category

  • Shibboleth Cert miss-match with UK Federation

    Date: 2009.11.02 | Category: shibboleth, uk federation | Response: 0

    padlock%5B1%5D Shibboleth Cert miss match with UK Federation
    I’m wasn’t sure how this happened but this error appeared in my SP:

    2009-11-02 15:39:30 ERROR OpenSSL [3]: path validation failure: self signed certificate
    2009-11-02 15:39:30 ERROR XMLTooling.SOAPTransport.CURL [3]: supplied TrustEngine failed to validate SSL/TLS server certificate
    2009-11-02 15:39:30 ERROR Shibboleth.AttributeResolver.Query [3]: exception during SAML query to xxxxx AttributeQuery: CURLSOAPTransport failed while contacting SOAP endpoint (xxxx): SSL certificate problem, verify that the CA cert is OK. Details:
    2009-11-02 15:39:30 ERROR Shibboleth.AttributeResolver.Query [3]: unable to obtain a SAML response from attribute authority
    Note: I replaced my IDP paths with xxxx for the purpose of this post.
    I got in touch with the UK Federation asking if they could shed any light on the problem.
    It turns out that this was due to my IDP information not being correct at the metadata end. I notified the UK Federation and they updated my record and republished their metadata and it started working again icon smile Shibboleth Cert miss match with UK Federation
    Thanks to Sara for helping out with this.
    Note: was the value that wasn’t changed at federation level.