+ Start a Discussion

SAML SSO Signature in assertion / response problems

I am trying to get SSO working from my local machine as the IdP to Salesforce Sandbox as the SP. Following the guide from https://simplesamlphp.org/docs/stable/simplesamlphp-idp, I get the following error: "Your login attempt using single sign-on with an identity provider certificate has failed".

When I run the SAML response through the parser in SF I get the following:
11. Validating the Signature
  Is the response signed? true
  Is the assertion signed? true
  The reference in the response signature is valid
  The signature in the assertion is not valid
  The reference in the assertion signature is valid
  Is the correct certificate supplied in the keyinfo? true
  Signature or certificate problems
  The signature in the response is not valid
Unable to map the subject to a Salesforce.com user

AssertionId: _5f11fcc6eef666fbd579d04d62725fac88f6b5628a

I've been banging my head against the wall, I've looked at other posts and have not gotten anywhere.

Any suggestions?
ShashankShashank (Salesforce Developers) 
It is most probably a mismatch between the IDP settings and Salesforce SSO settings. Please double check.