Shibboleth: found encrypted assertions, but no CredentialResolver was available

Posted by HorusKol on Server Fault See other posts from Server Fault or by HorusKol
Published on 2011-01-06T04:28:20Z Indexed on 2011/01/06 4:55 UTC
Read the original article Hit count: 457

Filed under:
|

I've gotten a Shibboleth Server Provider (SP) up and running, and I'm using the TestShib Identity Provider (IdP) for testing.

The configuration appears to be all correct, and when I requested my secured directory I was sent to the IdP where I logged in and then was sent back to https://example.org/Shibboleth.sso/SAML2/POST where I am getting a generic error message.

Checking the logs, I am told:

found encrypted assertions, but no CredentialResolver was available

I have rechecked the configuration, and there I have:

<CredentialResolver type="File" key="/etc/shibboleth/sp-key.pem" certificate="/etc/shibboleth/sp-cert.pem"/>

Both of these files are present at those locations.

I've restarted apache and retried, but still get the same error.

I don't know if it makes a difference - but only a subdirectory of the site has been secured - the documentroot is publicly available.

© Server Fault or respective owner

Related posts about security

Related posts about shibboleth