search cancel

Error when uploading XML metadata when configuring an IdP service for Symantec Information Centric Encryption (ICE)

book

Article ID: 175209

calendar_today

Updated On:

Products

Information Centric Encryption

Issue/Introduction

When uploading XML metadata required to add an IdP Service to Symantec ICE, you may encounter the following error:

Failed to add Identity Provider details. Invalid Identity Provider Metadata URL or XML provided.

Cause

This error occurs if the SingleLogoutService binding information is missing from your XML metadata.

Resolution

To fix this issue, manually add the missing entry to the XML metadata and upload it again. The following is a sample XML metadata file:

<md:EntityDescriptor entityID="https://login.symantec.com/sso/sp/SAML2">
    <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:
    protocol">
        <md:KeyDescriptor use="signing">
            <ds:KeyInfo>
                <ds:X509Data>
                    <ds:X509Certificate>MIIDRDCCmds9fuj0JKKI8Jf9ueKMWE8HDEUNHnji
                    h89n89H9HN9hy88g98fr5d65d45D7VnwfoNJ7v76f75DC8G6RTCXSc56uTY5
                    7fv6d5UT7668G56ZX4S343W23zxtch9b987IUB98B76Fd5d8d56d57ufTYCX
                    4545SXF76F7d5d46d7687f57D4ZXCUG789685es34234azhjvkjnioLMLK9O
                    PJUIGH8vytcftfd46ublknmiopu09HNOIH0IOBNiugoih0ij89HO0IH89Hio
                    h89n89H9HN9hy88g98fr5ZXCUG789685es34234azhjv668G56ZX4SRhk7Jh
                    789ggo9gh89B</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:KeyDescriptor use="encryption">
            <ds:KeyInfo>
                <ds:X509Data>
                    <ds:X509Certificate>789ggo9gh89BMIIDRDCC98B76Fd5d8d56d57ufTY
                    4545SXF76F7d5d46d7687f57D4ZXCUG789685eueKMWE8HDEUNHnjiHYjuty
                    PJUIGH8vytcftfd46ublknmiopu09HNOIH0IOBNiugoih0ij89HO0IH89Hio
                    h89n89H9HN9hy88g98fr5d65d45D709ZX4S343W23zxtch9b987IUKK9jk78
                    HNO88g98fIH0IOBNiugoih0ij89HO0IH89HioUG789685es3423343W23H8h
                    jjOPI79gh978y</ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:
        HTTP-Redirect" Location="https://login.collossalcorp.com/SAML2"/>
        <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient
        </md:NameIDFormat>
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:
        HTTP-Redirect" Location="https://login.collossalcorp.com/SAML2"/>
    </md:IDPSSODescriptor>
</md:EntityDescriptor>