Updating SSO Cert Failing
Answer ID 12088   |   Last Review Date 02/14/2022

Why did SAML SSO stop working when we uploaded the new certificate?

Environment:
  • Oracle B2C Service
  • Single Sign-on (SSO) signing certificate (cert) renewal
  • ADFS as identity provider (IdP)
Issue:
 
Our signing certificate will be rolling over in a few days. We are attempting to update the certificate ahead of time. Now the users can't log in.
 
Cause:
 
ADFS can generate a new signing certificate whose issuer field matches the current one while its public key differs. When both certificates are uploaded to Oracle B2C Service at the same time, the application trusts neither of them.
 
Resolution:
 
Wait until the IdP's cutover time. Then remove the old certificate and upload the new one.
 
Notes:
 
You can confirm this is the case with openssl (or an equivalent tool) by printing the issuer and the public key of the old and the new certificate and comparing them: the issuer fields match while the public keys differ.
openssl x509 -noout -issuer -pubkey -in myfile.pem
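As an added example (not part of the original answer), the POSIX shell script below runs the same openssl comparison over two certificate files and flags the combination described above: identical issuer, different public key. The two certificates it generates are constructed sample input with a placeholder issuer name, not real ADFS certificates.

```shell
#!/bin/sh
# Added example: compare an old and a new IdP signing certificate and report
# whether they share an issuer but carry different public keys, the
# combination that leaves Oracle B2C Service trusting neither of them.
set -eu

WORK="$(mktemp -d)"
trap 'rm -rf "$WORK"' EXIT

# Constructed sample input: two self-signed certificates with an identical
# issuer DN (as an ADFS rollover produces) but freshly generated, different
# keys. The DN is a placeholder, not a real ADFS issuer.
make_cert() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=ADFS Signing - adfs.example.invalid" \
        -keyout "$WORK/$1.key" -out "$WORK/$1.pem" >/dev/null 2>&1
}

# Issuer as printed by "openssl x509 -issuer".
cert_issuer() { openssl x509 -noout -issuer -in "$1"; }

# SHA-256 of the DER SubjectPublicKeyInfo, so keys compare as one token
# instead of multi-line PEM from "openssl x509 -pubkey".
cert_pubkey_sha256() {
    openssl x509 -noout -pubkey -in "$1" \
        | openssl pkey -pubin -outform DER \
        | openssl dgst -sha256 | awk '{print $NF}'
}

# Returns 0 when the issuers match but the public keys differ (the failing
# rollover case), 1 otherwise.
rollover_conflict() {
    old="$1"; new="$2"
    if [ "$(cert_issuer "$old")" = "$(cert_issuer "$new")" ] &&
       [ "$(cert_pubkey_sha256 "$old")" != "$(cert_pubkey_sha256 "$new")" ]; then
        echo "conflict: same issuer, different public key"
        return 0
    fi
    echo "no conflict"
    return 1
}

make_cert old
make_cert new
rollover_conflict "$WORK/old.pem" "$WORK/new.pem"
```

Replace the generated files with the certificate currently uploaded to Oracle B2C Service and the new one from ADFS to check a real rollover.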