Microsoft.IdentityModel.Protocols.XmlSignature.SignatureVerificationFailedException: ID4037

  • General discussion

  • Hello,

    I have been struggling with this issue for a month. Can anyone please help to resolve the error below?

    I have an RP whose certificate is already configured in ADFS 2.0 Signatures, but I am still facing the error below. Kindly advise on what is missing:

    Microsoft.IdentityModel.Protocols.XmlSignature.SignatureVerificationFailedException: ID4037: The key needed to verify the signature could not be resolved from the following security key identifier 'SecurityKeyIdentifier ( IsReadOnly = False, Count = 1, Clause[0] = Microsoft.IdentityServer.Tokens.MSISSecurityKeyIdentifierClause ) '. Ensure that the SecurityTokenResolver is populated with the required key.
       at Microsoft.IdentityModel.Protocols.XmlSignature.EnvelopedSignatureReader.ResolveSigningCredentials()
       at Microsoft.IdentityModel.Protocols.XmlSignature.EnvelopedSignatureReader.OnEndOfRootElement()
       at Microsoft.IdentityModel.Protocols.XmlSignature.EnvelopedSignatureReader.Read()
       at System.Xml.XmlReader.ReadEndElement()
       at Microsoft.IdentityServer.Protocols.Saml.SamlProtocolSerializer.ReadAuthnRequest(XmlReader reader)
       at Microsoft.IdentityServer.Protocols.Saml.SamlProtocolSerializer.ReadSamlMessage(XmlReader reader, NamespaceContext context)
       at Microsoft.IdentityServer.Protocols.Saml.HttpSamlBindingSerializer.ReadProtocolMessage(String encodedSamlMessage)
       at Microsoft.IdentityServer.Protocols.Saml.Contract.SamlContractUtility.CreateSamlMessage(MSISSamlBindingMessage message)
       at Microsoft.IdentityServer.Web.Protocols.Saml.SamlProtocolManager.Issue(HttpSamlRequestMessage httpSamlRequestMessage, SecurityTokenElement onBehalfOf, String sessionState, String relayState, String& newSamlSession, String& samlpAuthenticationProvider, Boolean isUrlTranslationNeeded, WrappedHttpListenerContext context, Boolean isKmsiRequested)
       at Microsoft.IdentityServer.Web.Protocols.Saml.SamlProtocolHandler.RequestBearerToken(WrappedHttpListenerContext context, HttpSamlRequestMessage httpSamlRequest, SecurityTokenElement onBehalfOf, String relyingPartyIdentifier, Boolean isKmsiRequested, Boolean isApplicationProxyTokenRequired, String& samlpSessionState, String& samlpAuthenticationProvider)
       at Microsoft.IdentityServer.Web.Protocols.Saml.SamlProtocolHandler.BuildSignInResponseCoreWithSerializedToken(HttpSamlRequestMessage httpSamlRequest, WrappedHttpListenerContext context, String relyingPartyIdentifier, SecurityTokenElement signOnTokenElement, Boolean isKmsiRequested, Boolean isApplicationProxyTokenRequired)
       at Microsoft.IdentityServer.Web.Protocols.Saml.SamlProtocolHandler.BuildSignInResponseCoreWithSecurityToken(SamlSignInContext context, SecurityToken securityToken, SecurityToken deviceSecurityToken)
       at Microsoft.IdentityServer.Web.Protocols.Saml.SamlProtocolHandler.Process(ProtocolContext context)
       at Microsoft.IdentityServer.Web.PassiveProtocolListener.ProcessProtocolRequest(ProtocolContext protocolContext, PassiveProtocolHandler protocolHandler)
       at Microsoft.IdentityServer.Web.PassiveProtocolListener.OnGetContext(WrappedHttpListenerContext context)

    Friday, June 24, 2016 8:18 PM

All replies