Caught exception while verifying response signature reported after updating partnership certificate

Document ID : KB000115114
Last Modified Date : 17/09/2018
Show Technical Document Details
Issue:
After updating a partnership certificate on the SP due to expiration, we are observing the following error in the smps.log: 

[2052/3248][Mon Nov 27 2017 11:53:19][SmAuthSaml.cpp:1296][INFO][sm-log-00000] SmAuthenticateJNI() failed. Caught exception while verifying response signature: java.lang.NumberFormatException: For input string: "IT" 

How can we resolve this?
Environment:
Policy Server : R12.52 SP1 CR00 Build 499, on Win2008 R2 Ent SP1 x64 
 
Cause:
There is a known issue where the Signature verification of AuthNRequest is 
failing due to non-ascii characters in issuerDN: 

Encrypting the assertion throws an error on the IDP side when cert contains 
non-ASCI characters in the IssuerDN. 

https://docops.ca.com/ca-single-sign-on/12-52-sp1/en/release-notes/cumulative-releases/defects-fixed-in-12-52-sp1-cr06
Resolution:
Upgrade the Policy Server to 12.52 SP1 CR6 to resolve the issue.
Additional Information:
https://docops.ca.com/ca-single-sign-on/12-52-sp1/en/release-notes/cumulative-releases/defects-fixed-in-12-52-sp1-cr06