Johan Pino

Reputation: 265

Signature validation failed

I am using IdentityServer4 with an ASP.NET MVC 4.5.2 application. When I run the MVC application, it goes to IdentityServer4 and shows the login page. Then, after filling in the credentials, it validates them and I am redirected to my MVC 5 application, but sometimes I get this error.

IDX10500: Signature validation failed. Unable to resolve 
SecurityKeyIdentifier: 'SecurityKeyIdentifier
(
IsReadOnly = False,
Count = 1,
Clause[0] = System.IdentityModel.Tokens.NamedKeySecurityKeyIdentifierClause
)
', 
token:
'{"alg":"RS256","kid":"20200ac5c987a7282847568c7d00dc26","typ":"JWT".
{"nbf":1487015385,"exp":1487015685,"iss":"https://localhost:44348","aud":"mvc","nonce":"636226121849994491.YTcxMjQ2ZDQtOWVlNC00MDk3LWJhOGYtYTIxNmM4OGFkZjU3NDFhODgzMWMtMmQ4OS00OTRmLWJiMzAtZWM1NzYyZjM3MTI2","iat":1487015385,"c_hash":"qzzLGWDykED_OIG0-TIF8w","sid":"174a7048a9521e2c99462e9b681553ae","sub":"c880d185-f7a1-422b-8cce-dff8142a1a3b","auth_time":1487014828,"idp":"local","amr":["pwd"]}'.

Upvotes: 1

Views: 1011

Answers (1)

leastprivilege

Reputation: 18492

When you say "sometimes" this sounds to me like you are using the AddTemporarySigningCredentials option in IdentityServer4.

This means that new key material will get created on each startup of the host.

In your case the MVC application has a cached version of the key material and thus gets out of sync.

Try setting static keys - e.g. using an X509 cert:

https://brockallen.com/2015/06/01/makecert-and-creating-ssl-or-signing-certificates/

Upvotes: 2
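
The out-of-sync condition described in the answer can be confirmed by comparing the `kid` in the token header with the key set the client has cached and the key set the issuer publishes now. This is an added example, not code from the question, the answer or IdentityServer4. The function names, the JWKS-style key sets and the sample token are constructed for illustration; only the `kid`, `iss` and `aud` values come from the error message in the question.

```python
import base64
import json

def b64url_decode(segment):
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))

def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")

def token_kid(jwt):
    """Read 'kid' from the JWT header. No signature check is done here."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("expected a compact JWT with three segments")
    kid = json.loads(b64url_decode(parts[0])).get("kid")
    if not kid:
        raise ValueError("token header has no 'kid'")
    return kid

def jwks_kids(jwks):
    return {key["kid"] for key in jwks.get("keys", []) if "kid" in key}

def diagnose(jwt, cached_jwks, current_jwks):
    """Classify why a client can or cannot resolve the token's signing key."""
    kid = token_kid(jwt)
    if kid in jwks_kids(cached_jwks):
        return "key-resolvable"  # key is known; the signature must still be verified
    if kid in jwks_kids(current_jwks):
        return "stale-cache"     # issuer publishes this key, the client's copy predates it
    return "unknown-key"         # the issuer does not publish this key at all

# Constructed sample data. The kid, iss and aud are the ones in the question's
# error message; the signature segment and the "previous" kid are placeholders.
PAGE_KID = "20200ac5c987a7282847568c7d00dc26"
header = {"alg": "RS256", "kid": PAGE_KID, "typ": "JWT"}
payload = {"iss": "https://localhost:44348", "aud": "mvc"}
SAMPLE_TOKEN = ".".join([
    b64url_encode(json.dumps(header).encode()),
    b64url_encode(json.dumps(payload).encode()),
    b64url_encode(b"placeholder-signature"),
])
CACHED_JWKS = {"keys": [{"kty": "RSA", "use": "sig", "kid": "kid-from-previous-startup"}]}
CURRENT_JWKS = {"keys": [{"kty": "RSA", "use": "sig", "kid": PAGE_KID}]}

if __name__ == "__main__":
    print(diagnose(SAMPLE_TOKEN, CACHED_JWKS, CURRENT_JWKS))
```

A `stale-cache` result matches the situation in the answer: the issuer created new key material on startup while the client still holds the earlier set.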
