Solved

SAML2Exception while accessing the link

Posted on 2016-11-14
6
35 Views
Last Modified: 2016-11-21
Hi Experts,

I have setup the ADFS 2.0 with SAML based windows authentication.

The setup was successful but while accessing the link it shows me a below error :

SAML2Exception.PNG
consecutive error
SAML2Exception_Next.PNG
What it says and How to resolve it?

Please guide.

Regards,
D Patel
0
Comment
Question by:D Patel
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
6 Comments
 
LVL 28

Assisted Solution

by:Dan McFadden
Dan McFadden earned 500 total points
ID: 41886347
The first error is an SSL Certificate name mismatch error.  The error page is telling you that the actual host name does not match the host name that is registered in the SSL Certificate.  For example:  this occurs when the server's name is web01.domain.com and the host name in the SSL Cert is www.domain.com.

1. Did you take this SSL Cert from another and install it on this server?

Then second error is also self explanatory, the http method GET is not on this URL that you are going to.  Also, this is a web page running on Apache & Tomcat.... what is the relationship to ADFS and this server?

Dan
0
 
LVL 7

Author Comment

by:D Patel
ID: 41887308
Hi Dan,

Thanks for the sugggestion. I will check this.

See, I want to setup Single Sing On for my ERP using ADFS. Hence, I configured the settings to use SSO.

Regards,
D Patel
0
 
LVL 7

Author Comment

by:D Patel
ID: 41887419
SSL Certificate is the Self-Signed and generated on the same PC.

Also, Host Name in Generated certificate and on my server is with same name.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 28

Assisted Solution

by:Dan McFadden
Dan McFadden earned 500 total points
ID: 41887508
I would not recommend using a self-signed cert for SSO in Production.  Often, you will come across software that will try to validate the certificate chain and since it most likely will not know of your internal CA, it will throwing warnings at best or errors at worst.

If you say the name in the cert matches the machine its installed on, then there is other data in the cert that is incorrect or invalid.

Again, doing ADFS for SSO with a self-signed cert would be recommended (IMO).  For a test environment, it could be used.  But in Prod, its best to work with a certificate from a trusted CA.

Dan
0
 
LVL 7

Accepted Solution

by:
D Patel earned 0 total points
ID: 41890831
After re-configuring the ADFS settings my issue got resolved.

D Patel
0
 
LVL 7

Author Closing Comment

by:D Patel
ID: 41895653
Thanks for your help
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question