You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@@ -51,8 +51,8 @@ If, when logging in to the SAML Sinatra sample app, you get an error saying:
This is usually caused by a mismatch between the IdP certificate used to sign the response, and the recorded signature of the certificate which is saved in the environment variable `idp_cert_fingerprint` (either in config/application.yml, or the environment variables in the deployed environment).
To fix this, you'll first need to get the X509 Certificate from the appropriate SAML metadata endpoint, ie `https://idp.dev.identitysandbox.gov/api/saml/metadata2024` for `https://dev-identity-saml-sinatra.app.cloud.gov/`.
The local `identity-saml-sinatra` app uses the certificate from `identity-idp`, so that XML can be found at `identity-idp/config/artifacts.example/local/saml2024.crt`.
To fix this, you'll first need to get the X509 Certificate from the appropriate SAML metadata endpoint, ie ([https://idp.dev.identitysandbox.gov/api/saml/metadata2024]) for ([https://dev-identity-saml-sinatra.app.cloud.gov/]).
The local `identity-saml-sinatra` app uses the certificate from `identity-idp`, so that XML can be found at [identity-idp/config/artifacts.example/local/saml${YEAR}.crt](https://github.com/18F/identity-idp/tree/main/config/artifacts.example/local/).
Edit it to look like a normal certificate (or find the orig), e.g.,
