Subject: Ping Identity - Message digest incorrect when encrypted assertion used
Date: 2019-06-03 18:44:47
From: smcgillha
Source: ping-identity-message-digest-incorrect-encrypted-assertion-used

I'm currently working on a single sign-on implementation using the ComponentPro SAML library with a vendor that uses Ping Identity as their SSO provider.  The code is pretty basic, we're creating a SAML2 Response object, creating an assertion with a few attributes and encrypting it, signing the response last and then posting it.  The issue we're having however is Ping is rejecting the response saying the expected message digest does not match the actual message digest.  We're basically stuck at this point, Ping is doing some investigation but their initial feedback is that there is something wrong with the signing. During our investigation of the issue with the vendor we found the generated response is accepted by Ping if we don't use message level encryption.  It's not an option to forego message level encryption however, that was just to try to help narrow the issue.  Wondering if anyone else has run into this situation or knows of anything that could be of help as we're completely stuck at this point.  Thanks!


Note: This question has been asked on the Q&A forum of Thang Dang's fraudulent ComponentPro brand
If you purchased anything from ComponentPro, you have been scammed. Contact the payment processor
who sold you the license and ask for your money back.

Back to ComponentPro Q&A Forum Index