Unable to access SAML SSO URL and seeing error 403 due expired certificates in keystore. (Doc ID 2758557.1)

Last updated on AUGUST 07, 2023

Applies to:

Oracle WebLogic Server - Version 12.2.1.3.0 and later
Information in this document applies to any platform.

Symptoms

WebLogic is SP while ADFS is IdP. When SSO call is made it fails with 403 error. The SAML assertion fails with following error.

java.security.cert.CertificateExpiredException: NotAfter: Wed Nov 18 00:00:00 UTC 2020
at sun.security.x509.CertificateValidity.valid(CertificateValidity.java:274)
at sun.security.x509.X509CertImpl.checkValidity(X509CertImpl.java:677)
at sun.security.x509.X509CertImpl.checkValidity(X509CertImpl.java:650)
at com.bea.security.saml2.util.SAML2Utils.getVerifyKey(SAML2Utils.java:552)

Changes

Changed the certificates at the IDP end.

Cause

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.

Unable to access SAML SSO URL and seeing error 403 due expired certificates in keystore. (Doc ID 2758557.1)

Applies to:

Symptoms

Changes

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!