cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Thingworx and Azure AD SSO issue

SOLVED
Highlighted
Pearl

Thingworx and Azure AD SSO issue

Hi all,

 

We have configured Thingworx, PingFederate and Azure AD. When we try to login it throwing below error.

 

2020-07-01 11:04:46.703+0000 [L: ERROR] [O: o.o.x.e.Decrypter] [I: ] [U: ] [S: ] [P: ] [T: https-jsse-nio-443-exec-9] Error decrypting encrypted key
2020-07-01 11:04:46.703+0000 [L: ERROR] [O: o.o.x.e.Decrypter] [I: ] [U: ] [S: ] [P: ] [T: https-jsse-nio-443-exec-9] Failed to decrypt EncryptedKey, valid decryption key could not be resolved
2020-07-01 11:04:46.703+0000 [L: ERROR] [O: o.o.x.e.Decrypter] [I: ] [U: ] [S: ] [P: ] [T: https-jsse-nio-443-exec-9] Failed to decrypt EncryptedData using either EncryptedData KeyInfoCredentialResolver or EncryptedKeyResolver + EncryptedKey KeyInfoCredentialResolver
2020-07-01 11:04:46.703+0000 [L: ERROR] [O: o.o.s.e.Decrypter] [I: ] [U: ] [S: ] [P: ] [T: https-jsse-nio-443-exec-9] SAML Decrypter encountered an error decrypting element content

 

I have tried this link from StackOverflow - https://stackoverflow.com/questions/31987116/error-while-decrypting-assertion-sent-from-idp still no luck. 

 

Could any one help me to solve this issue 

 

Thanks in advance

 

/VR

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

Re: Thingworx and Azure AD SSO issue

I had handled the  Salesforce case assigned  against this problem and found the root cause as two different tomcat ssl certificates were present in SP connection of Ping federate and customer was using one certificate for signing requests and other certificate for signing verification which is causing the issue. Once we edit the SP connection and make the same certificate used for signing and signing verification and it works for customer.

View solution in original post

2 REPLIES 2
Highlighted

Re: Thingworx and Azure AD SSO issue

I had handled the  Salesforce case assigned  against this problem and found the root cause as two different tomcat ssl certificates were present in SP connection of Ping federate and customer was using one certificate for signing requests and other certificate for signing verification which is causing the issue. Once we edit the SP connection and make the same certificate used for signing and signing verification and it works for customer.

View solution in original post

Highlighted

Re: Thingworx and Azure AD SSO issue

Hi @Velkumar.

 

If you agree with the solution posted by @vinakumar from working the case, please mark it as the Accepted Solution for the benefit of others with the same issue.

 

Thank you for participating in our community!

 

Regards.

 

--Sharon

Announcements

Thingworx Navigate content has a new home! Click here to access the new Thingworx Navigate forum!