Assertion encryption displays an error on the IDP side if the certificates contain non-ASCII characters in IssuerDN.

Document ID : KB000006854
Last Modified Date : 14/02/2018
Show Technical Document Details
Issue:

We are using Siteminder as IDP and 3rd party provider as SP. Everything is working fine but when we try to encrypt assertion they are getting the error :

  [Total Assertions to Encrypt: 1] 

  [Cert Serial# used: def0208d950e1fa7] 

  [Error Encrypting Assertion:0 Encoding is null.] 

  [Failed to Encrypt Assertion in Response: ...

Environment:
Policy Server 12.51CR08
Cause:

You face this issue in the Policy Server 12.51CR08 because of an internal problem when encrypting the assertion.

This internal problem is fixed in Policy Server 1251CR10

 

 

Resolution:

Upgrade the Policy Server to at least 1251CR10.

Additional Information:

DE175174 

Assertion encryption displays an error on the IDP side if the certificates contain non-ASCII characters in IssuerDN.

https://docops.ca.com/ca-single-sign-on/12-51/en/release-notes/cumulative-releases-for-12-51/defects-fixed-in-ca-siteminder-12-51-cr10