Hi all, we've had [JettyServer-1369] WARN org.apache.xml.security.signature.XMLSignature - Signature verification failed. and Signature cryptographic validation not successful appearing in out logs when someone logs in via SAML SSO with our Office 365 tenant. From googling I have found that it is usually due to a certificate signing issue. I have updated the metadata on our office 365 tenant as that had changed. I am still getting the issue and now comparing the response with the metadata and the x509 certificate values are different, does anyone know if these should be the same. Welcoming any other suggestions as to the issue. Thanks
asked
Garion Swann
1 answers
0
Hi Garion,
did you also renew the metadata in the SAML settings of your app (Identity Provider Metadata tab). You should do this after updating the settings in Office365.