I'm having a weird SAML-metadata issue. Our setup:

NAM 4.0.1-HF3 -> SAML IDP.
ADFS v2.0 -> SAML SP.

- This morning our metadata (retrieved from URL:
https://ids:8443/nidp/saml2/metadata) worked just fine with ADFS when
doing 'Import data about claims provider from a file' at ADFS (SP)
- Next, I modified 'Organization / Principal Contact' from:
Devices -> Identity Server -> ids -> General -> Organization
- After this ADFS started to complain about 'Error message: ID6018:
Digest verification failed for reference

After the above steps, even if I remove the 'Organization / Principal Contact'
information, I still receive the same error. This is the weird part.
This has already happened to two NAM environments. The current workaround is
to remove the 'Signature' and 'AttributeAuthorityDescriptor' blocks from the
NAM-generated metadata file before importing into ADFS.

Any ideas? Thanks.

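The workaround described in the post, scripted as an added example (not part of the original post and not NetIQ or Microsoft code). The sample metadata, the `ids.example` URLs and the function name `strip_for_adfs` are constructed for illustration. Once the signature is removed nothing authenticates the file, so this assumes the metadata was fetched over a trusted channel.

```python
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
DS = "http://www.w3.org/2000/09/xmldsig#"
ET.register_namespace("md", MD)  # keep conventional prefixes on output
ET.register_namespace("ds", DS)

# Constructed sample, not real NAM output.
SAMPLE = f"""<md:EntityDescriptor xmlns:md="{MD}" xmlns:ds="{DS}"
    entityID="https://ids.example/nidp/saml2/metadata">
  <ds:Signature><ds:SignedInfo/><ds:SignatureValue>CONSTRUCTED</ds:SignatureValue></ds:Signature>
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>CONSTRUCTED</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://ids.example/nidp/saml2/sso"/>
  </md:IDPSSODescriptor>
  <md:AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
        Location="https://ids.example/nidp/saml2/soap"/>
  </md:AttributeAuthorityDescriptor>
</md:EntityDescriptor>"""

# The two blocks the post removes before importing into ADFS.
DROP = {f"{{{DS}}}Signature", f"{{{MD}}}AttributeAuthorityDescriptor"}

def strip_for_adfs(metadata_xml):
    """Return (stripped_xml, removed_block_names) for one EntityDescriptor."""
    root = ET.fromstring(metadata_xml)
    if root.tag != f"{{{MD}}}EntityDescriptor":
        raise ValueError("expected a single md:EntityDescriptor document")
    removed = []
    # Only direct children are dropped: the ds:KeyInfo nested inside
    # IDPSSODescriptor carries the IdP signing certificate and must stay.
    for child in list(root):
        if child.tag in DROP:
            root.remove(child)
            removed.append(child.tag.split("}")[1])
    return ET.tostring(root, encoding="unicode"), removed

if __name__ == "__main__":
    xml_out, removed = strip_for_adfs(SAMPLE)
    print("removed:", removed)
    print(xml_out)
```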