My Oracle Support Banner

Inserting DigitalSignature Inside SAML Assertion Throws Exception "signature error: not specified/sha256, invalid data: data and digest do not match (source location digests.c/236)" (Doc ID 2092009.1)

Last updated on FEBRUARY 25, 2019

Applies to:

Oracle API Gateway - Version 11.1.2.1.0 to 11.1.2.4.0 [Release 11gR1]
Information in this document applies to any platform.

Symptoms

During OAG policy development, there is a  requirement to verify digitally signed SAML assertions in SOAP headers from other internal FMW components.

When OAG receives a digitally signed SAML assertion with the digital signature inside of the assertion node, OAG throws the following error:

ERROR
-----------------------
signature error: not specified/sha256, invalid data: data and digest do not match (source location digests.c/236)


If the digital signature is placed outside of the SAML assertion node, no error occurs and processing is successful.

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.