Caught exception while verifying response signature reported after updating partnership certificate
Article ID: 115114
Updated On:
Products
CA Single Sign On Secure Proxy Server (SiteMinder)
CA Single Sign On SOA Security Manager (SiteMinder)
CA Single Sign-On
Issue/Introduction
After updating a partnership certificate on the SP due to expiration, we are observing the following error in the smps.log:
[2052/3248][Mon Nov 27 2017 11:53:19][SmAuthSaml.cpp:1296][INFO][sm-log-00000] SmAuthenticateJNI() failed. Caught exception while verifying response signature: java.lang.NumberFormatException: For input string: "IT"
How can we resolve this?
[2052/3248][Mon Nov 27 2017 11:53:19][SmAuthSaml.cpp:1296][INFO][sm-log-00000] SmAuthenticateJNI() failed. Caught exception while verifying response signature: java.lang.NumberFormatException: For input string: "IT"
How can we resolve this?
Environment
Policy Server : R12.52 SP1 CR00 Build 499, on Win2008 R2 Ent SP1 x64
Cause
There is a known issue where the Signature verification of AuthNRequest is
failing due to non-ascii characters in issuerDN:
Encrypting the assertion throws an error on the IDP side when cert contains
non-ASCI characters in the IssuerDN.
https://docops.ca.com/ca-single-sign-on/12-52-sp1/en/release-notes/cumulative-releases/defects-fixed-in-12-52-sp1-cr06
failing due to non-ascii characters in issuerDN:
Encrypting the assertion throws an error on the IDP side when cert contains
non-ASCI characters in the IssuerDN.
https://docops.ca.com/ca-single-sign-on/12-52-sp1/en/release-notes/cumulative-releases/defects-fixed-in-12-52-sp1-cr06
Resolution
Upgrade the Policy Server to 12.52 SP1 CR6 to resolve the issue.
Additional Information
https://docops.ca.com/ca-single-sign-on/12-52-sp1/en/release-notes/cumulative-releases/defects-fixed-in-12-52-sp1-cr06
Feedback
Yes
No
Powered by
