rajahm

PingFederate 6.4 as IdP and getting login error

Hello,

I am evaluating PingFederate 6.4 as an IdP and configured it to work with a backend LDAP.

I have created a self-signed certificate with PingFederate and uploaded it to Salesforce.com during the SAML 2.0 enable configuration.

When the IdP initiates the SSO flow, I can see in the logs that login was successful, but I am getting the following error after redirection, which indicates that there is a certificate mismatch. I have uploaded the correct certificate to Salesforce.com, which was generated by the PingFederate server.

================== Error message

Your login attempt using single sign-on with an identity provider certificate has failed. Please contact your salesforce.com administrator for more information.

==========================

Did I miss anything? Is this the correct interpretation of the error message?

Thanks in advance.

Raj

Scott T.

Hi Raj,

Taking a stab in the dark here - without knowing PingFederate...

Are you sure you have the correct certificate loaded into Salesforce.com's SSO configuration? Keep in mind you probably have two different certificates at your IdP: one for SSL, and one for digitally signing Assertions. You will want to ensure that the public signing (verification) certificate is imported into the SSO config, not the SSL one.

Hope that helps...

Scott
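
One way to run the check suggested in the reply above, as an added example that is not part of the original thread: compare the SHA-256 fingerprint of the certificate embedded in the IdP's signed SAMLResponse (the base64 form value from the HTTP POST binding) with the certificate file uploaded to the service provider. The function names and the sample data are assumptions; the sample "certificates" are constructed placeholder bytes, and the script only identifies which certificate is in play, it does not verify the signature.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

DS = "{http://www.w3.org/2000/09/xmldsig#}"  # XML Signature namespace

def der_from_pem(pem):
    """Strip the PEM armor and whitespace; return the raw DER bytes."""
    lines = [l.strip() for l in pem.strip().splitlines()]
    return base64.b64decode("".join(l for l in lines if l and not l.startswith("-----")))

def fingerprint(der):
    return hashlib.sha256(der).hexdigest()

def certs_in_response(saml_b64):
    """DER blobs from every ds:X509Certificate in a base64 SAMLResponse."""
    root = ET.fromstring(base64.b64decode(saml_b64))
    return [base64.b64decode("".join(el.text.split()))
            for el in root.iter(DS + "X509Certificate") if el.text]

def check(saml_b64, uploaded_pem):
    """Compare the cert embedded in the signature with the one uploaded to the SP."""
    uploaded = fingerprint(der_from_pem(uploaded_pem))
    found = [fingerprint(c) for c in certs_in_response(saml_b64)]
    if not found:
        return "no-keyinfo"  # nothing embedded: compare against the IdP's export instead
    return "match" if uploaded in found else "mismatch"

# --- constructed sample data: placeholder bytes stand in for real DER certificates ---
SIGNING_DER = b"constructed-idp-signing-certificate"
TLS_DER = b"constructed-idp-ssl-certificate"

def sample_pem(der):
    b64 = base64.b64encode(der).decode()
    return "-----BEGIN CERTIFICATE-----\n" + b64 + "\n-----END CERTIFICATE-----\n"

def sample_response(der=None):
    key_info = ""
    if der is not None:
        key_info = ("<ds:KeyInfo><ds:X509Data><ds:X509Certificate>"
                    + base64.b64encode(der).decode()
                    + "</ds:X509Certificate></ds:X509Data></ds:KeyInfo>")
    xml = ('<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
           'xmlns:ds="http://www.w3.org/2000/09/xmldsig#">'
           "<ds:Signature>" + key_info + "</ds:Signature></samlp:Response>")
    return base64.b64encode(xml.encode()).decode()

if __name__ == "__main__":
    print(check(sample_response(SIGNING_DER), sample_pem(SIGNING_DER)))  # signing cert uploaded
    print(check(sample_response(SIGNING_DER), sample_pem(TLS_DER)))      # SSL cert uploaded by mistake
```

A "mismatch" result corresponds to the situation described in the reply, where the SSL certificate rather than the signing certificate ends up in the SSO configuration.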