|Applies To||RSA Federated Identity Manager (FIM) 4.1|
|Issue||RSA FIM error: The public key present in the message did not match the public key present in the trusted keystore.|
The following error appears in the debug.log file:
2014-06-19 11:28:25,597, (DSigHelper.java:548), TWFIM220V, , , , util.crypto.dsig.verify.error, java.lang.RuntimeException: Error code is not found: The public key present in the message did not match the public key present in the trusted keystore.
|Cause||This error occurs if the end entity certificate used to sign the assertion is not the same one as that in the JKS truststore.|
|Resolution||Compare the certificate in the assertion with that in the JKS store. Often the signing certificate is actually included as part of the assertion.|
Cut and paste the data between the X509Certificate tags into a text file and name the file certificate.cer. View the file in Windows and it will show the certificate data.
<X509IssuerName>CN=WS Enterprise CA1, DC=WS, DC=WSFGRP, DC=NET</X509IssuerName>
The certificate should match what is stored in the JKS store. Use the following command to list the contents of the JKS store.
keytool -list -v -keystore truststore.jks
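The comparison above can also be scripted. The following is an added example, not part of the original article or of RSA FIM: it fingerprints each X509Certificate element in a saved message and looks for the same fingerprint in saved `keytool -list -v` output. The sample data and the alias name are constructed, and English keytool output is assumed.

```python
import base64
import hashlib
import re

CERT_RE = re.compile(r"<(?:\w+:)?X509Certificate>(.*?)</(?:\w+:)?X509Certificate>", re.S)
FP_RE = re.compile(r"(SHA1|SHA256):\s*([0-9A-F]{2}(?::[0-9A-F]{2})+)$")

def colon_hex(digest):
    return ":".join(f"{b:02X}" for b in digest)  # same layout keytool prints

def assertion_fingerprints(xml_text):
    """One set of SHA1/SHA256 fingerprints per X509Certificate element in the message."""
    result = []
    for b64 in CERT_RE.findall(xml_text):
        der = base64.b64decode("".join(b64.split()))  # remove line wraps before decoding
        result.append({colon_hex(hashlib.new(a, der).digest()) for a in ("sha1", "sha256")})
    return result

def keystore_fingerprints(listing):
    """Map alias -> fingerprints parsed from `keytool -list -v` text."""
    aliases, current = {}, None
    for line in map(str.strip, listing.splitlines()):
        m = FP_RE.match(line)
        if line.startswith("Alias name:"):
            current = line.split(":", 1)[1].strip()
            aliases[current] = set()
        elif current and m:
            aliases[current].add(m.group(2))
    return aliases

def matching_aliases(xml_text, listing):
    """Aliases whose stored certificate is byte-identical to one carried in the message."""
    store = keystore_fingerprints(listing)
    certs = assertion_fingerprints(xml_text)
    return sorted(a for a, fps in store.items() if any(fps & c for c in certs))

# Constructed sample data: filler bytes stand in for the DER certificate.
SAMPLE_DER = b"constructed sample bytes, not a real certificate"
_B64 = base64.b64encode(SAMPLE_DER).decode()
SAMPLE_ASSERTION = (f"<ds:X509Data><ds:X509Certificate>\n{_B64[:24]}\n{_B64[24:]}\n"
                    "</ds:X509Certificate></ds:X509Data>")
SAMPLE_LISTING = ("Alias name: partner-signing\n"
                  "Certificate fingerprints:\n"
                  "\t SHA1: 00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF:00:11:22:33\n")

if __name__ == "__main__":
    print("message certificate fingerprints:", assertion_fingerprints(SAMPLE_ASSERTION))
    hits = matching_aliases(SAMPLE_ASSERTION, SAMPLE_LISTING)
    print("matching aliases:", hits or "none (certificate is not in the truststore)")
```

An empty result means the certificate carried in the message is not the one held in the truststore, which is the condition described under Cause.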
|Legacy Article ID||a66504|