Version Affected: All
Description:
Transparent SSO isn't working and the Error log contains the following error:
System.Web.Security.Cryptography.HomogenizingCryptoServiceWrapper.HomogenizeErrors
Cause:
Multiple load balanced IdPs with a realm that has it's validation and decryption keys set to AutoGenerate Isolate Apps.
What that means is each node is independently setting their own random encryption keys (for cookies) at runtime.
That means that any PreAuth cookies that it tries to read could be encrypted with a different key from one of the other nodes.
Resolution:
To prevent this happening, generate new fixed keys and copy/paste them to the other nodes for the respective realm. Then all the nodes will be able to read each others cookies.
Special Considerations:
Note that another cause of this error can be found here:
SecureAuth Knowledge Base Articles provide information based on specific use cases and may not apply to all appliances or configurations. Be advised that these instructions could cause harm to the environment if not followed correctly or if they do not apply to the current use case.
Customers are responsible for their own due diligence prior to utilizing this information and agree that SecureAuth is not liable for any issues caused by misconfiguration directly or indirectly related to SecureAuth products.
Comments
Please sign in to leave a comment.