cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Showing results for 
Search instead for 
Did you mean: 

Community Tip - Did you get called away in the middle of writing a post? Don't worry you can find your unfinished post later in the Drafts section of your profile page. X

Thingworx and Azure AD SSO issue

Velkumar
18-Opal

Thingworx and Azure AD SSO issue

Hi all,

 

We have configured Thingworx, PingFederate and Azure AD. When we try to login it throwing below error.

 

2020-07-01 11:04:46.703+0000 [L: ERROR] [O: o.o.x.e.Decrypter] [I: ] [U: ] [S: ] [P: ] [T: https-jsse-nio-443-exec-9] Error decrypting encrypted key
2020-07-01 11:04:46.703+0000 [L: ERROR] [O: o.o.x.e.Decrypter] [I: ] [U: ] [S: ] [P: ] [T: https-jsse-nio-443-exec-9] Failed to decrypt EncryptedKey, valid decryption key could not be resolved
2020-07-01 11:04:46.703+0000 [L: ERROR] [O: o.o.x.e.Decrypter] [I: ] [U: ] [S: ] [P: ] [T: https-jsse-nio-443-exec-9] Failed to decrypt EncryptedData using either EncryptedData KeyInfoCredentialResolver or EncryptedKeyResolver + EncryptedKey KeyInfoCredentialResolver
2020-07-01 11:04:46.703+0000 [L: ERROR] [O: o.o.s.e.Decrypter] [I: ] [U: ] [S: ] [P: ] [T: https-jsse-nio-443-exec-9] SAML Decrypter encountered an error decrypting element content

 

I have tried this link from StackOverflow - https://stackoverflow.com/questions/31987116/error-while-decrypting-assertion-sent-from-idp still no luck. 

 

Could any one help me to solve this issue 

 

Thanks in advance

 

/VR

1 ACCEPTED SOLUTION

Accepted Solutions

I had handled the  Salesforce case assigned  against this problem and found the root cause as two different tomcat ssl certificates were present in SP connection of Ping federate and customer was using one certificate for signing requests and other certificate for signing verification which is causing the issue. Once we edit the SP connection and make the same certificate used for signing and signing verification and it works for customer.

View solution in original post

2 REPLIES 2

I had handled the  Salesforce case assigned  against this problem and found the root cause as two different tomcat ssl certificates were present in SP connection of Ping federate and customer was using one certificate for signing requests and other certificate for signing verification which is causing the issue. Once we edit the SP connection and make the same certificate used for signing and signing verification and it works for customer.

slangley
23-Emerald II
(To:Velkumar)

Hi @Velkumar.

 

If you agree with the solution posted by @vinakumar from working the case, please mark it as the Accepted Solution for the benefit of others with the same issue.

 

Thank you for participating in our community!

 

Regards.

 

--Sharon

Top Tags