I'm trying to configure GP with SAML/SSO Auth. After entering credentials I get a "Authentication FailedError code: -1" using GP web portal.
On SAML server side the authent is OK.
It seems like the FW doesn't like the response from the server.
It tries to verify the Idp signature but I didn't select this option...
PA-5220 - 8.1.6
1552905956 ERROR OpenSAML.Utility.SAMLSign : caught an exception: CredentialResolver did not supply any verification keys.
1552905956 ERROR OpenSAML.Utility.SAMLSign : caught an exception: Failed to verify signature in xml object.
2019-03-18 11:45:56.088 +0100 Failed to verify signature against certificate of IdP "crt.campus-firewall.shared"
2019-03-18 11:45:56.088 +0100 SAML signature in message from IdP "SSO-redirection-URL" can't be validated
Thank you for posting and sharing your solution. Glad to hear you were able to get this resolved.
For non-coureware related questions, please contact the Support team for assistance.
This discussion board is for Palo Alto Networks courseware related inquiries so it's not the best place for troubleshooting technical issues.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!