SSO: No Access Because Client's SAML Assertion Has No X.509 Signing Certificate
Last updated on DECEMBER 15, 2016
Applies to:Oracle Taleo Platform Cloud Service - SmartOrg (Central Configuration) - Version 15A and later
Information in this document applies to any platform.
Access to zone via SSO does not work. Investigations of logs and traces show the following error related to the SAML assertion that was received into Taleo:
A Fiddler trace shows that the SAML assertion from the client's system is using a x509 certificate for the signing that is different than the client 'standalone' certificate installed in the relevant Taleo zone.
Earlier the client's "IDP" (Identity Provider) standalone certificate was uploaded to the zone and verified by customer as the one their system was going to use for signing SAML assertions submitted to Taleo.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms