Issue
When doing an SP initiated transaction with the Authnrequest signed by a third party.
It works fine if the third party cert is using a standard cert but it is failing using cert that contains non ASCI chars in the IssuerDN
From the SP logs/traces generated :
FWSTrace:
[07/12/2016][09:38:22][4484][1176][156f0175-de2507da-4910b6ef-162b08cf-3b12ec13-f7][AssertionConsumer.java][processSAMLResponse][authenticateUser failed: 1]
[07/12/2016][09:38:22][4484][1176][156f0175-de2507da-4910b6ef-162b08cf-3b12ec13-f7][AssertionConsumer.java][redirectLoginFailure][AuthReason=50]
[07/12/2016][09:38:22][4484][1176][156f0175-de2507da-4910b6ef-162b08cf-3b12ec13-f7][AssertionConsumer.java][redirectLoginFailure][Redirect Mode="0" URL="null"]
[07/12/2016][09:38:22][4484][1176][156f0175-de2507da-4910b6ef-162b08cf-3b12ec13-f7][AssertionConsumer.java][redirectLoginFailure][Ending SAML2 AssertionConsumer Service request processing with HTTP error 500]
[07/12/2016][09:38:22][4484][1176][156f0175-de2507da-4910b6ef-162b08cf-3b12ec13-f7][AssertionConsumer.java][redirectLoginFailure][Transaction with ID: 156f0175-de2507da-4910b6ef-162b08cf-3b12ec13-f7 failed. Reason: ACS_FAILED_PROCESS_FAILURE]
--
smtraces (PS)
[2108][3112][07/12/2016][15:08:22][15:08:22.752][Getting Assertion by ID: _f571d44e26039fb37b2efb38c609a1e4fb1e][Saml2Validator.java][checkAssertion][][][][][][][][][][][156f0175-de2507da-4910b6ef-162b08cf-3b12ec13-f7][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][]
[2108][3112][07/12/2016][15:08:22][15:08:22.759][Could not get certificate from trusted key database (IssuerName: CN="Toto titi/emailAdress=toto@test.se", O=MyNetwork AB, L=Trollhättan, ST=Västra Götalands Län, C=SE Serial Number: a123456) ][Saml2Validator.java][verifyXML][][][][][][][][][][][156f0175-de2507da-4910b6ef-162b08cf-3b12ec13-f7][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][][]
[2108][3112][07/12/2016][15:08:22][15:08:22.760][Exception while verifying signature:
This issue can also occur when signing an assertion with certs containing non ASCII chars
Environment
IDP SiteMinder : 12.52.104.2032 on Windows 2008 R2
Custom SP
Resolution