Comments (7)
Indeed, i added the the CA cert of ssocircle to the key store and it works. I will create a pull request.
from spring-boot-security-saml-sample.
As the certificates from ssocircle are quire new (yesterday) and the keystore is static I assume that this is to be expected. You probably need to either update the keystore or allow regular PKIX.
from spring-boot-security-saml-sample.
Works like charm! Thank you!
from spring-boot-security-saml-sample.
The certificate has changed again and it looks like it will continue to change every 90 days. I've created another PR (#31) which updates the keystore but also includes a script for updating.
@gbrost - is this the same process you used to update the keystore? Is there anything I've missed?
from spring-boot-security-saml-sample.
I suggest instead adding the "DST Root CA X3". Then all "Lets Encrypt" certs will work which seems reasonable. At least until the DST cert expires in 3-4 years.
BR
from spring-boot-security-saml-sample.
hy, I am also getting the same issue. I also updated the certificates in keystore , but the issue is same.. please help me
from spring-boot-security-saml-sample.
how can i get CA cert of ssocircle
from spring-boot-security-saml-sample.
Related Issues (20)
- CurrentUserHandlerMethodArgumentResolverTest is failing HOT 1
- Docker: javax.net.ssl.SSLPeerUnverifiedException: SSL peer failed hostname validation for name: null HOT 1
- Deserialization of Untrusted Data (CVE-2019-16335) HOT 1
- Deserialization of Untrusted Data (CVE-2019-14540) HOT 1
- Deserialization of Untrusted Data (CWE-502) HOT 1
- Deserialization of Untrusted Data (CVE-2015-4852, CVE-2015-7501) HOT 1
- Improper Certificate Validation (CVE-2012-5783)
- Man-in-the-Middle (CVE-2012-6153)
- Purpose of apollo key in the JKSKeyManager HOT 1
- Localhost redirect on first click regardless user's context HOT 1
- Behind reverse proxy advertises localhost and internal port HOT 1
- How to add "NameQualifier" and "Format" attributes to LogoutRequest/Issuer HOT 1
- Authentication statement is too old to be used with value 2020-08-31T09:32:00.759Z HOT 1
- With global logout from Identity provider side local session and authentication remain active and valid
- Need help to find the entity if
- Browser back redirects to "/saml/SSO" page. HOT 1
- Handle URL encoding in SAML response HOT 1
- Use Spring Boot 2.7 and Spring Security without WebSecurityConfigurerAdapter
- Metadata refreshing has failed
- Error retrieving metadata
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from spring-boot-security-saml-sample.