Shibboleth: found encrypted assertions, but no CredentialResolver was available
Posted
by
HorusKol
on Server Fault
See other posts from Server Fault
or by HorusKol
Published on 2011-01-06T04:28:20Z
Indexed on
2011/01/06
4:55 UTC
Read the original article
Hit count: 457
security
|shibboleth
I've gotten a Shibboleth Server Provider (SP) up and running, and I'm using the TestShib Identity Provider (IdP) for testing.
The configuration appears to be all correct, and when I requested my secured directory I was sent to the IdP where I logged in and then was sent back to https://example.org/Shibboleth.sso/SAML2/POST where I am getting a generic error message.
Checking the logs, I am told:
found encrypted assertions, but no CredentialResolver was available
I have rechecked the configuration, and there I have:
<CredentialResolver type="File" key="/etc/shibboleth/sp-key.pem" certificate="/etc/shibboleth/sp-cert.pem"/>
Both of these files are present at those locations.
I've restarted apache and retried, but still get the same error.
I don't know if it makes a difference - but only a subdirectory of the site has been secured - the documentroot is publicly available.
© Server Fault or respective owner