Service provider may returns an error "User does not exist" in the browser.
In the IAS troubleshooting log the following error message is displayed:
Identity Provider could not process the authentication request received due to client error.
The digital signature of the received SAML2 message is invalid. Caused by: Certificate is expired (Certificate NotAfter: <date and time>) Caused by: NotAfter: <date and time>
The SAML trace shows that the authentication request did not go to the Corporate Identity Provider and returned back to the service provider with the error message:
<StatusMessage>The digital signature of the received SAML2 message is invalid.</StatusMessage>
SAML, certificate, expired, IAS,proxy, certificate, signing , KBA , BC-IAM-IDS , Identity Authentication Service , Problem
About this pageThis is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP ONE Support launchpad (Login required).
Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.