Hi Julian, I did that testing with the public x509 certificate in asc ant the public binary key. Both failed!
Once o read you reply i went trough the tutorial again and regenerate the key in every way available. http://code.google.com/support/bin/answer.py?answer=71864&topic=12142 Then for each i tested the public certificate file and key (except for the JCA that dont generate public certificate, only keypair) , none worked. And the demo gives tha same errors when trying to log with the demouser @ psosamldemo.net (using the keys that came with it). I dunno if it´s something that isn´t enabled in my domain or if i´m really bypassing any important step (tough i have triple checked every step to be sure). I´m using google apps Education Edition. Thanks, Mauricio Moura On 25 jul, 06:16, "Julian (Google)" <[EMAIL PROTECTED]> wrote: > Hi, > > This error message usually indicates that there is a mismatch between > the public key certificate Google Apps has on file and the private key > used to sign the SAML Response. > > Can you try uploading the public key certificate to the control panel > again? > > Thanks, > Julian. > > On Jul 22, 9:46 pm, Mauricio Moura <[EMAIL PROTECTED]> wrote: > > > HI, i´m trying to develop the SSO to my domain, and i´m geting the > > same error (saving that it´s translated). > > > I´ve downloaded the sso-sample-1.0.1-java.zip and installed it, now i > > ´m trying to use it and get tha same error form the demouser @ > > psosamldemo.net. > > > Also i modified the code to validade my users and set it to may > > domain, and didn´t work either, > > > I Already setup my keys and the cert at in the control panel of the > > domain and actived sso to a intranet develop server. > > > Here is the error: > > > *************************************************************************************** > > Google Apps - Não foi possível acessar esta conta porque não > > conseguimos confirmar as credenciais de login. > > > Ajuda|Sair > > > Não foi possível acessar esta conta porque não conseguimos confirmar > > as credenciais de login. > > Não foi possível processar a sua solicitação neste momento. Tente > > novamente mais tarde. > > > Termos de Serviço-Política de Privacidade-Página inicial do Google > > ©2007 Google > > *************************************************************************************** > > > On 27 jun, 13:16, "Alex (Google)" <[EMAIL PROTECTED]> wrote: > > > > Hi, > > > > It looks like it can't find the .pfx file it needs to sign the > > > SAMLResponse. Did you copy over the .pfx file you were using > > > before? You'll also need to make sure Web.config is pointing to this > > > file: > > > >http://code.google.com/p/google-apps-sso-sample/source/browse/trunk/c... > > > > -alex > > > > On Jun 27, 8:56 am, RNBY <[EMAIL PROTECTED]> wrote: > > > > > I had the same problem. > > > > I updated the code with the url you gave and now I am getting a > > > > diffferent error: > > > > > The system cannot find the file specified. > > > > Description: An unhandled exception occurred during the execution of > > > > the current web request. Please review the stack trace for more > > > > information about the error and where it originated in the code. > > > > > Exception Details: > > > > System.Security.Cryptography.CryptographicException: The system cannot > > > > find the file specified. > > > > > Line 110: string actionUrl; > > > > Line 111: > > > > Line 112: SamlParser.CreateSignedResponse( > > > > Line 113: samlRequest, userName, out responseXml, > > > > out actionUrl); > > > > Line 114: > > > > > Here is my url querystring > > > > signin.aspx? > > > > SAMLRequest=fVLda9swEH8f7H8QevdXIFsRsUvWUhboNtO4e9jbRT7HIvLJ08nJ9t9PcVraPqwgEJx > > > > %2B9%2Fs43er6z2DFET0bR6Us0lwKJO1aQ > > > > %2FtSPjZ3yZW8rj5%2BWDEMdlTrKfT0gL8n5CBiJ7GaH0o5eVIO2LAiGJBV0Gq7%2FnavFmmuRu > > > > %2BC085Ksbkt5YEG3VHf9Q53uwPGA1o7AmwNjIe2H > > > > %2BINRBH989nW4mxrwzzhhjgAhVjK86sk%2F5QsPjfFUi2XKi9%2BSVE > > > > %2FKX0xdEnwnq3dBcTqa9PUSf1j28wER9Oi > > > > %2Fx7Rpdw7t7eYajdIsWZGH6KdG0c8Dei36I9G4%2BPDfSn7EEZWWXY6ndKXpgyyPZBhD2hTwpCB5nOOGpjNMfJ3YBllNQ9Xzfn8q6m > > > > %2B7x6e%2FcjqRXGVvaKqnj7tnGVzWztr9F%2BxttadbjxCiPrBTyjFnfMDhP > > > > %2BrFWkxV0ybdDNUTcQjatMZbKXIqovq2%2B2IO%2FMP&RelayState=https%3A%2F > > > > %2Fwww.google.com%2Fa%2Fganisrael.net%2FServiceLogin%3Fservice%3Dmail > > > > %26passive%3Dtrue%26rm%3Dfalse%26continue%3Dhttps%253A%252F > > > > %252Fmail.google.com%252Fa%252Fganisrael.net%252F%26bsv%3D1k96igf4806cy > > > > %26ltmpl%3Ddefault%26ltmplcache%3D2 > > > > > Here is the stack trace > > > > > Stack Trace: > > > > > [CryptographicException: The system cannot find the file specified. > > > > ] > > > > > System.Security.Cryptography.CryptographicException.ThrowCryptogaphicException(Int32 > > > > hr) +33 > > > > > System.Security.Cryptography.X509Certificates.X509Utils._QueryCertFileType(String > > > > fileName) +0 > > > > > System.Security.Cryptography.X509Certificates.X509Certificate.LoadCertificateFromFile(String > > > > fileName, Object password, X509KeyStorageFlags keyStorageFlags) +94 > > > > > System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String > > > > fileName, String password) +128 > > > > Google.Apps.SingleSignOn.XmlDocumentSigner.LoadRsaKey() in C: > > > > \projects\googleapps\cs\samlResponse\cs\Google.Apps.SingleSignOn\src > > > > \XmlDocumentSigner.cs:62 > > > > Google.Apps.SingleSignOn.XmlDocumentSigner.Sign(XmlDocument doc) in > > > > C:\projects\googleapps\cs\samlResponse\cs\Google.Apps.SingleSignOn\src > > > > \XmlDocumentSigner.cs:31 > > > > Google.Apps.SingleSignOn.SamlParser.CreateSignedResponse(String > > > > packedSamlRequest, String userName, String& responseXml, String& > > > > actionUrl) in C:\projects\googleapps\cs\samlResponse\cs > > > > \Google.Apps.SingleSignOn\src\SamlParser.cs:123 > > > > Google.Apps.SingleSignOn.Web.SignIn.GoogleSignIn(String userName) > > > > in c:\Inetpub\wwwroot\Chabad.org\dynamic\mychabad\Email\MyEmail > > > > \SignIn.aspx.cs:112 > > > > Google.Apps.SingleSignOn.Web.SignIn.checkUser() in c:\Inetpub > > > > \wwwroot\Chabad.org\dynamic\mychabad\Email\MyEmail\SignIn.aspx.cs:50 > > > > Google.Apps.SingleSignOn.Web.SignIn.Page_Load(Object sender, > > > > EventArgs e) in c:\Inetpub\wwwroot\Chabad.org\dynamic\mychabad\Email > > > > \MyEmail\SignIn.aspx.cs:38 > > > > System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, > > > > Object o, Object t, EventArgs e) +15 > > > > System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object > > > > sender, EventArgs e) +33 > > > > System.Web.UI.Control.OnLoad(EventArgs e) +99 > > > > System.Web.UI.Control.LoadRecursive() +47 > > > > System.Web.UI.Page.ProcessRequestMain(Boolean > > > > includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) > > > > +1436 > > > > > Version Information: Microsoft .NET Framework Version:2.0.50727.1433; > > > > ASP.NET Version:2.0.50727.1433 > > > > > THANKS > > > > RNBY > > > > > On Jun 20, 12:50 pm, "Alex (Google)" <[EMAIL PROTECTED]> wrote: > > > > > > Hi, > > > > > > Can you both let us know what your domains are? There was a change > > > > > yesterday on our side, but we tried to make it only for new SSO > > > > > domains. Once I have your domain name, I can revert the change for > > > > > your domain. > > > > > > I'll post the details of the change in a new thread later today. > > > > > > -alex > > > > > > On Jun 20, 8:47 am, swtet <[EMAIL PROTECTED]> wrote: > > > > > > > I am also having this issue with a domain that was working fine > > > > > > previously. Has something changed on the Google side? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Apps APIs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/google-apps-apis?hl=en -~----------~----~----~----~------~----~------~--~---
