Invalid signing certificate in the metadata file when applying changes to SAML Qlik Sense virtual proxy

Damien_V · Oct 12, 2021 9:15:13 AM

When trying to apply changes to a virtual proxy set up with SAML authentication, the error "invalid signing certificate in the metadata file" appears.

Environments:

Qlik Sense Enterprise on Windows

As the message says, the certificate provided in the IdP metadata file is invalid, the most common reason is that it has expired.

Example:

<KeyDescriptor use="signing">
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<X509Data>
<X509Certificate>
MIIC8DCCAdigAwIBAxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxIDxibeHXAszya
</X509Certificate>
</X509Data>
</KeyInfo>
</KeyDescriptor>

By copying the certificate from the IdP file and decoding it, you will be able to see the expiration date.
For example, a website such as https://www.sslshopper.com/certificate-decoder.html can be used to decode the certificate.

shane_spencer · ‎2024-05-22

More details on how to fix this would be helpful.

Invalid signing certificate in the metadata file when applying changes to SAML Qlik Sense virtual proxy

Invalid signing certificate in the metadata file when applying changes to SAML Qlik Sense virtual proxy

Integration and Embedding