...
...
...
...
...
...
...
...
Problem
SAML SP fails during logout with the following error:
com.ubisecure.saml2.sp.ServiceProviderException: INTERNAL_ERROR: com.ubisecure.saml2.core.SAMLException: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
Solution
This error indicates that SP tries to do a back channel logout using the SOAP SingleLogoutEndpoint described in the IDP Metadata of Ubisecure SSO, but fails to do a SSL/TLS handshake. This problem is caused by SAML SP for Java component trying to use SSLv3 when initiating the backchannel connection for the logout, but as SSLv3 is now obsolete, many servers refuse to create a connection with it and interrupt the handshake procedure instead.
Panel | ||
---|---|---|
| ||
Workaround is to disable backchannel logout functionality:
|
Related articles
Filter by label (Content by label) | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
...