SAMLValidationException: KeyInfo contains unknown public key

Problem

The Azure AD authentication method stops working, and the following error message appears in the diag log when authentication is interrupted:

protocol [xxx.xxx.xxx.xxx] MessageServer.frontChannelService: com.ubisecure.saml2.core.SAMLValidationException: SignatureValidator: urn:oasis:names:tc:SAML:2.0:status:Requester, urn:oasis:names:tc:SAML:2.0:status:RequestDenied: com.ubisecure.saml.core.SignatureIntegrityException: Signature: KeyInfo contains unknown public key.

Possible Cause

The certificate Azure AD generates has expired or has been updated.

Solution

Upload the new federation metadata to the authentication method and save the change.
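
To confirm the cause described above, the following added example (not part of the original article and not Ubisecure code) compares the certificate carried in a captured SAML message's KeyInfo with the signing certificates listed in the stored federation metadata. The function names and the sample XML, which uses placeholder bytes instead of real certificates, are constructed for illustration.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

def _parse(xml_text):
    # SAML documents never need a DTD; refuse one instead of expanding entities.
    if "<!DOCTYPE" in xml_text:
        raise ValueError("DTD not allowed in SAML XML")
    return ET.fromstring(xml_text)

def _fingerprint(b64_text):
    # X509Certificate content is base64 DER, often wrapped across lines.
    der = base64.b64decode("".join(b64_text.split()), validate=True)
    return hashlib.sha256(der).hexdigest()

def metadata_signing_fingerprints(metadata_xml):
    """SHA-256 fingerprints of the IdP signing certificates in the metadata."""
    found = set()
    for kd in _parse(metadata_xml).findall(".//md:IDPSSODescriptor/md:KeyDescriptor", NS):
        # A KeyDescriptor with no "use" attribute is valid for signing as well.
        if kd.get("use", "signing") == "signing":
            found.update(_fingerprint(c.text or "")
                         for c in kd.findall(".//ds:X509Certificate", NS))
    return found

def keyinfo_fingerprints(message_xml):
    """SHA-256 fingerprints of the certificates inside the message's ds:Signature."""
    certs = _parse(message_xml).findall(".//ds:Signature//ds:X509Certificate", NS)
    return {_fingerprint(c.text or "") for c in certs}

def unknown_keys(metadata_xml, message_xml):
    """KeyInfo certificates that the stored metadata does not list."""
    return keyinfo_fingerprints(message_xml) - metadata_signing_fingerprints(metadata_xml)

# Constructed sample data: placeholder bytes stand in for real X.509 certificates.
OLD_CERT = base64.b64encode(b"constructed-old-signing-cert").decode()
NEW_CERT = base64.b64encode(b"constructed-new-signing-cert").decode()
_KEYINFO = ('<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:X509Data>'
            '<ds:X509Certificate>%s</ds:X509Certificate></ds:X509Data></ds:KeyInfo>')
STORED_METADATA = ('<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">'
                   '<md:IDPSSODescriptor><md:KeyDescriptor use="signing">' + _KEYINFO % OLD_CERT
                   + '</md:KeyDescriptor></md:IDPSSODescriptor></md:EntityDescriptor>')
MESSAGE = ('<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">'
           '<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">' + _KEYINFO % NEW_CERT
           + '</ds:Signature></samlp:Response>')
```

A non-empty result from `unknown_keys` means the message was signed with a key the stored metadata does not list, which matches the error above. The comparison is diagnostic only: trust should still come from freshly obtained federation metadata, never from the message's own KeyInfo.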