Error message: Couldn’t validate XML digital signature
Problem
You are unable to establish a successful connection to ADFS.
Access requirements
You must have the following access to perform the steps in this article:
You must have the following access to perform the steps in this article:
table 0-row-2 1-row-2 2-row-2 layout-auto html-authored no-header | |
---|---|
Adobe Workfront plan | Any |
Adobe Workfront license |
New: Standard or Current: Plan |
Access level configurations | System Administrator |
For more detail about the information in this table, see Access requirements in Workfront documentation.
Cause 1: The certificate is incorrect
Solution
Manually retrieve the Signing Certificate from the ADFS Server:
-
In Windows, click Start > Administration > ADFS 2.0 Management.
The ADFS 2.0 Management dialog box is displayed. -
Select Trust Relationship > Relying Party Trusts in the left-hand pane.
-
Right-click on Relying Party Trust, and select Properties.
-
Click on the Signature tab.
-
Click on the name of the Signing Certificate, and click View.
-
Click Copy to File…, and select Next.
-
Select Base-64 encoded x.509 (CER), and click Next.
-
Specify the file name, and click Next.
-
Click Finish.
-
In Adobe Workfront, navigate to Setup > System > Single Sign-On (SSO) and manually upload the Signing Certificate.
Cause 2: The certificate is signed using DSA when Workfront is expecting an RSA signature
Solution
Recreate the certificate and use the RSA signature instead of the DSA.
Cause 3: XML Data is incorrect
Solution
Re-export and re-import the XML metadata from the ADFS management system.
Cause 4: The request could not be performed due to an error on the SAML side
Solution
Contact your SAML provider.