Assertion encryption displays an error on the IDP side if the certificates contain non-ASCII characters in IssuerDN.

book

Article ID: 6854

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

We are using Siteminder as IDP and 3rd party provider as SP. Everything is working fine but when we try to encrypt assertion they are getting the error :

  [Total Assertions to Encrypt: 1] 

  [Cert Serial# used: def0208d950e1fa7] 

  [Error Encrypting Assertion:0 Encoding is null.] 

  [Failed to Encrypt Assertion in Response: ...

Cause

You face this issue in the Policy Server 12.51CR08 because of an internal problem when encrypting the assertion.

This internal problem is fixed in Policy Server 1251CR10

 

 

Environment

Policy Server 12.51CR08

Resolution

Upgrade the Policy Server to at least 1251CR10.

Additional Information

DE175174 

Assertion encryption displays an error on the IDP side if the certificates contain non-ASCII characters in IssuerDN.

https://docops.ca.com/ca-single-sign-on/12-51/en/release-notes/cumulative-releases-for-12-51/defects-fixed-in-ca-siteminder-12-51-cr10