Troubleshooting

Warning: Single Sign‑On for Pivotal Cloud Foundry v1.5 is no longer supported because it has reached the End of General Support (EOGS) phase as defined by the Support Lifecycle Policy. To stay up to date with the latest software and security updates, upgrade to a supported version.

This topic describes how to resolve common errors that arise when configuring a single sign-on partnership between PingOne Cloud and Pivotal Single Sign-On (SSO).

CA Single Sign-On Partnership is Inactive

Symptom:

Ca sso inactive

Explanations:

  • The CA Single Sign-On is inactive in CA Single Sign-On.

Service Provider Entity ID Misconfigured

Symptom:

Ca sso misconfigured entity id

Explanation:

  • The service provider Entity ID is misconfigured in CA Single Sign-On.

Incoming SAML message is invalid

Symptom:

Ca sso misconfigured idp entity id

Explanation:

  • The identity provider Entity ID is misconfigured in CA Single Sign-On or in PCF Single Sign-On.

  • The Name ID Format was misconfigured in CA Single Sign-On

Assertion Consumer Service URL Misconfigured

Symptom:

Ca sso acu misconfigured

Explanation:

  • The service provider Assertion Consumer Service (ACS) is misconfigured in CA Single Sign-On.

Audience Field Misconfigured

Symptom:

Ca sso audience misconfigured

Explanation:

  • The service provider Audience Field is misconfigured in CA Single Sign-On.

Expired Certificate

Symptom:

Ca sso expired cert

Explanation:

  • The certificate has expired in CA Single Sign-On.

Identity Provider SSO URL Misconfigured

Symptom:

Ca sso idp url misconfigured

Explanation:

  • The identity provider SSO URL is misconfigured in PCF Single Sign-On.