After setting up SAML2 with signing, the follwong error is seen in the PC_HOME/sso/logs/SsoService.log:
ERROR | qtp1649115615-37 | <timestamp> | common.sso.saml2.UserAssertionService
| Receive StatusCode: urn:oasis:names:tc:SAML:2.0:status:Requester. Message: Invalid signature
And login fails for SAML2 authenticated users.
There is a mismatch between the Metadata/Certificate information the IDP has from CA Performance Center
Make sure the documentation is followed closely and the IDP has up to date Metadata from CA Performance Center (CAPC)