Solved

SAML2Exception while accessing the link

Posted on 2016-11-14
6
20 Views
Last Modified: 2016-11-21
Hi Experts,

I have setup the ADFS 2.0 with SAML based windows authentication.

The setup was successful but while accessing the link it shows me a below error :

SAML2Exception.PNG
consecutive error
SAML2Exception_Next.PNG
What it says and How to resolve it?

Please guide.

Regards,
D Patel
0
Comment
Question by:DPatel
  • 4
  • 2
6 Comments
 
LVL 26

Assisted Solution

by:Dan McFadden
Dan McFadden earned 500 total points
ID: 41886347
The first error is an SSL Certificate name mismatch error.  The error page is telling you that the actual host name does not match the host name that is registered in the SSL Certificate.  For example:  this occurs when the server's name is web01.domain.com and the host name in the SSL Cert is www.domain.com.

1. Did you take this SSL Cert from another and install it on this server?

Then second error is also self explanatory, the http method GET is not on this URL that you are going to.  Also, this is a web page running on Apache & Tomcat.... what is the relationship to ADFS and this server?

Dan
0
 
LVL 6

Author Comment

by:DPatel
ID: 41887308
Hi Dan,

Thanks for the sugggestion. I will check this.

See, I want to setup Single Sing On for my ERP using ADFS. Hence, I configured the settings to use SSO.

Regards,
D Patel
0
 
LVL 6

Author Comment

by:DPatel
ID: 41887419
SSL Certificate is the Self-Signed and generated on the same PC.

Also, Host Name in Generated certificate and on my server is with same name.
0
Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

 
LVL 26

Assisted Solution

by:Dan McFadden
Dan McFadden earned 500 total points
ID: 41887508
I would not recommend using a self-signed cert for SSO in Production.  Often, you will come across software that will try to validate the certificate chain and since it most likely will not know of your internal CA, it will throwing warnings at best or errors at worst.

If you say the name in the cert matches the machine its installed on, then there is other data in the cert that is incorrect or invalid.

Again, doing ADFS for SSO with a self-signed cert would be recommended (IMO).  For a test environment, it could be used.  But in Prod, its best to work with a certificate from a trusted CA.

Dan
0
 
LVL 6

Accepted Solution

by:
DPatel earned 0 total points
ID: 41890831
After re-configuring the ADFS settings my issue got resolved.

D Patel
0
 
LVL 6

Author Closing Comment

by:DPatel
ID: 41895653
Thanks for your help
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

948 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now