0

I am trying to authenticate with a PingFederate Idp. I am using asp.net mvc4 which provides wsfed via the Identity and access tool. It appears I am getting the saml assertion back fine. The Idp does require that the certificate is present and confirmed on the SP. I have the certificate from the Idp and installed it in trusted roots. I am using this line in web.config to have it look in trusted roots.

<certificateValidation certificateValidationMode="ChainTrust" / >

This is the exact error I am getting from my asp.net:

Crypto algorithm 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha512' not supported in this context.

If it is finding the correct cert and just can't do sha512, what are my options?

4

1 回答 1

0

.NET 应用程序不支持开箱即用的 SHA512(不要问我为什么)。它可以在每个应用程序的基础上启用。请参阅https://stackoverflow.com/a/21435041/280222

如果 pingfederate 选择全局算法列表,这应该可以工作,但我自己没有使用 pingfederate,所以我不确定解决方案。

于 2014-12-12T07:57:20.170 回答