"No certificate was found for subject" error when using a custom certificate with two Common Names (cn)
Symptoms
When installing SSO SAML with a custom certificate instead of the default Changepoint certificate, the following error occurs:
Type : Changepoint.CommonServices.SSO.SSOException, Changepoint.CommonServices.SSO, Version=18.1.75.0, Culture=neutral, PublicKeyToken=null
Message : An unexpected error occurred when processing the request. - No certificate was found for subject Name CN=changepoint-cert1
Source :
Help link :
Data : System.Collections.ListDictionaryInternal
HResult : -2146233088
Stack Trace : The stack trace is unavailable.
Additional Info:
MachineName : XXXXXX
TimeStamp : XXXXXXX
FullName : Microsoft.Practices.EnterpriseLibrary.ExceptionHandling, Version=6.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35
AppDomainName : /LM/W3SVC/2/ROOT/RP-STS_SAML-2-131927231204245451
WindowsIdentity : IIS APPPOOL\Enterprise_AppPool
Reason
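The certificate's subject has two cn=... entries, but only one of them (CN=changepoint-cert1) was given as the subject name, so the lookup finds no matching certificate.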
Resolution
In the web.config for the SSO application, use the subject name "cn=changepoint-cert1, cn=changepoint-cert2" for the custom certificate. Both cn entries must be included.
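
To confirm the exact subject string before editing web.config, the following PowerShell check (an added example, not Changepoint code) lists certificates whose subject has more than one CN entry and reports whether the configured value matches the full subject. It assumes the certificate is installed in Cert:\LocalMachine\My and that the configured value is compared against the whole subject string; the parameter names and the helper function are hypothetical.

```powershell
# Added diagnostic, not part of the Changepoint product.
# Assumptions: the custom certificate is in LocalMachine\My, and the value in
# web.config has to equal the certificate's full subject string.
param(
    # Subject name as written in web.config (value taken from the article)
    [string]$Configured = 'cn=changepoint-cert1, cn=changepoint-cert2',
    # Certificate store to inspect (assumed location)
    [string]$StorePath  = 'Cert:\LocalMachine\My'
)

function ConvertTo-NormalizedSubject([string]$Subject) {
    # Lower-case and drop whitespace around the commas between name parts so
    # that "CN=a, CN=b" and "cn=a,cn=b" compare equal. Subjects with quoted
    # values that contain commas are not handled.
    ($Subject.Trim() -replace '\s*,\s*', ',').ToLowerInvariant()
}

$want = ConvertTo-NormalizedSubject $Configured

Get-ChildItem -Path $StorePath | ForEach-Object {
    # Count CN= parts at the start of the subject or after a comma
    $cnCount = [regex]::Matches($_.Subject, '(?i)(^|,\s*)CN=').Count

    [pscustomobject]@{
        Subject       = $_.Subject      # copy this string as-is if it differs
        CnEntries     = $cnCount
        MatchesConfig = (ConvertTo-NormalizedSubject $_.Subject) -eq $want
        Thumbprint    = $_.Thumbprint
    }
} |
    # Show only multi-CN certificates and any certificate matching the config
    Where-Object { $_.CnEntries -gt 1 -or $_.MatchesConfig } |
    Format-List
```

A certificate listed with CnEntries greater than 1 and MatchesConfig set to False means the configured subject name does not include every cn entry of that certificate.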