SSO: No Access Because Client's SAML Assertion Has No X.509 Signing Certificate (Doc ID 2209527.1)

Last updated on DECEMBER 15, 2016

Applies to:

Oracle Taleo Platform Cloud Service - SmartOrg (Central Configuration) - Version 15A and later
Information in this document applies to any platform.

Symptoms

Access to zone via SSO does not work.  Investigations of logs and traces show the following error related to the SAML assertion that was received into Taleo:

 

A Fiddler trace shows that the SAML assertion from the client's system is using a x509 certificate for the signing that is different than the client 'standalone' certificate installed in the relevant Taleo zone.

 

Changes

Earlier the client's "IDP" (Identity Provider) standalone certificate was uploaded to the zone and verified by customer as the one their system was going to use for signing SAML assertions submitted to Taleo.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms