Symantec Access Management

Tech Tip : Assertion encryption displays an error on the IDP side if the certificates contain non-ASCII characters in IssuerDN.

  • 1.  Tech Tip : Assertion encryption displays an error on the IDP side if the certificates contain non-ASCII characters in IssuerDN.

    Posted May 25, 2017 04:50 AM

    Issue

    We are using Siteminder as IDP and 3rd party provider as SP. Everything is working fine but when we try to encrypt assertion they are getting the error :

      [Total Assertions to Encrypt: 1] 

      [Cert Serial# used: def0208d950e1fa7] 

      [Error Encrypting Assertion:0 Encoding is null.] 

      [Failed to Encrypt Assertion in Response: ...

    Environment

    Policy Server 12.51CR08

    Cause

    You face this issue in the Policy Server 12.51CR08 because of an internal problem when encrypting the assertion.

    This internal problem is fixed in Policy Server 1251CR10

     

     

    Resolution

    Upgrade the Policy Server to at least 1251CR10.

    Additional Information

    DE175174 

    Assertion encryption displays an error on the IDP side if the certificates contain non-ASCII characters in IssuerDN.

    https://docops.ca.com/ca-single-sign-on/12-51/en/release-notes/cumulative-releases-for-12-51/defects-fixed-in-ca-siteminder-12-51-cr10

     

    KD : TEC1698116