Error Message: Could not validate XML digital signature


You are unable to establish a successful connection to ADFS.


NOTE If you establish a successful test connection and you are still experiencing issues, you might have incorrect attribute mappings or issues with the federation IDs. Contact customer support with questions.

Cause 1: The certificate is incorrect
Manually retrieve the Signing Certificate from the ADFS Server:
  1. In Windows, click Start > Administration > ADFS 2.0 Management.
    The ADFS 2.0 Management dialog box is displayed.
  2. Select Trust Relationship > Relying Party Trusts in the left-hand pane.
  3. Right-click on Relying Party Trust, and select Properties.
  4. Click on the Signature tab.
  5. Click on the name of the Signing Certificate, and click View.
  6. Click Copy to File..., and select Next.
  7. Select Base-64 encoded x.509 (CER), and click Next.
  8. Specify the file name, and click Next.
  9. Click Finish.
  10. In Workfront, navigate to Setup > System > Single Sign-On (SSO) and manually upload the Signing Certificate.

Cause 2: The certificate is signed using DSA when Workfront is expecting an RSA signature


Recreate the certificate and use the RSA signature instead of the DSA.

Cause 3: XML Data is incorrect


Re-export and re-import the XML metadata from the ADFS management system.

Cause 4: The request could not be performed due to an error on the SAML side


Contact your SAML provider.

This article last updated on 2018-06-12 21:45:16 UTC