Invalid Signature error when configuring SAML2 with signing

Document ID : KB000125507
Last Modified Date : 30/01/2019
Show Technical Document Details
After setting up SAML2 with signing, the follwong error is seen in the PC_HOME/sso/logs/SsoService.log:

ERROR | qtp1649115615-37 | <timestamp> | common.sso.saml2.UserAssertionService 
| Receive StatusCode: urn:oasis:names:tc:SAML:2.0:status:Requester. Message: Invalid signature 

And login fails for SAML2 authenticated users.

CA Performance Management

SAML2 authentication with signing

There is a mismatch between the Metadata/Certificate information the IDP has from CA Performance Center
Make sure the documentation is followed closely and the IDP has up to date Metadata from CA Performance Center (CAPC)
Additional Information: