Troubleshooting

Warning: Pivotal Single Sign-On v1.11 is no longer supported because it has reached the End of General Support (EOGS) phase as defined by the Support Lifecycle Policy. To stay up to date with the latest software and security updates, upgrade to a supported version.

This topic describes how to resolve common errors that arise when configuring a single sign-on partnership between PLayer7 SiteMinder and Pivotal Single Sign‑On.

Layer7 SiteMinder Partnership is Inactive

Symptom:

Ca sso inactive

Explanations:

  • The Layer7 SiteMinder is inactive in Layer7 SiteMinder.

Service Provider Entity ID Misconfigured

Symptom:

Ca sso misconfigured entity id

Explanation:

  • The service provider Entity ID is misconfigured in Layer7 SiteMinder.

Incoming SAML message is invalid

Symptom:

Ca sso misconfigured idp entity id

Explanation:

  • The identity provider Entity ID is misconfigured in Layer7 SiteMinder or in Single Sign‑On.

  • The Name ID Format was misconfigured in Layer7 SiteMinder.

Assertion Consumer Service URL Misconfigured

Symptom:

Ca sso acu misconfigured

Explanation:

  • The service provider Assertion Consumer Service (ACS) is misconfigured in Layer7 SiteMinder.

Audience Field Misconfigured

Symptom:

Ca sso audience misconfigured

Explanation:

  • The service provider Audience Field is misconfigured in Layer7 SiteMinder.

Expired Certificate

Symptom:

Ca sso expired cert

Explanation:

  • The certificate has expired in Layer7 SiteMinder.

Identity Provider SSO URL Misconfigured

Symptom:

Ca sso idp url misconfigured

Explanation:

  • The identity provider SSO URL is misconfigured in Single Sign‑On.