Reset Search
 

 

Article

KB21687 - Invalid SAML assertion

« Go Back

Information

 
Last Modified Date7/22/2017 10:32 PM
Synopsis
This article describes an issue where end users receive the message "FAILURE: invalid assertion" when attempting to login to the Pulse Connect Secure device.
 
Problem or Goal
Cause
Solution

Scenario 1: Time Sync issue

In the event log, the following message will appear:
minor - System()[] - Assertion for SAML Auth Server '5' has expired; NotOnOrAfter earlier than or equal to current time (minus allowed skew) 
'2011-05-04T21:04:42Z'; You can adjust the allowed clock skew for the SAML Auth Server to compensate; Assertion '2011-05-04T21:04:42Z'"
Please make sure that the time is in sync between the SAML server and the PCS device.


Scenario 2:  Certificate issue

SAML Response received by PCS device is signed, however the signing certificate is not uploaded on the PCS device.

From the SAML Auth server, under Response Signing Certificate field, upload the appropriate certificate.
 
Related Links
Attachment 1 
Created ByData Deployment

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255