We have a clock skew problem when issuing a SAML token to a client. The SSO server is ahead of time when compared to the requesting client.
Time from my client
-bash-4.1$ date --utc
Wed Sep 25 09:11:58 UTC 2013
Time from sso server:
sh-3.2# date --utc
Wed Sep 25 14:34:43 UTC 2013
Here is the error log
The time now Wed Sep 25 14:25:01 UTC 2013 does not fall in the request lifetime interval extended with clock tolerance of 600000 ms:
[ Wed Sep 25 08:53:21 UTC 2013; Wed Sep 25 09:23:21 UTC 2013). This might be due to a clock skew problem.
How do we solve this?