Hello Discourse Devs,
We are seeing the following error:
(saml) Authentication failure! invalid_ticket: OneLogin::RubySaml::ValidationError, Fingerprint mismatch
I’ve verified the fingerprint by generating a SHA256 finger print from the following site:
Any thoughts on what else I could check?
I think you have to use SHA1 (the fingerprints hash algorithm is independent of the certificates algorithm). At least in my case that worked.
I copied the base64 certificate of my IdP including -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- to a file and used the following OpenSSL command to retrieve the fingerprint:
openssl x509 -noout -fingerprint -sha1 -inform pem -in cert.pem