000016876 - Problem importing metadata from into RSA FIM

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000016876
Applies ToRSA Federated Identity Manger (FIM) 4.1
IssueProblem importing metadata from into RSA FIM
FIM console shows the following error when importing metadata:
There was a problem processing your request.
Metadata file is invalid: The following error occurred while trying to unmarshal field _x509SerialNumber of class com.rsa.fim.xml.castor.xmldsig.X509IssuerSerial For input string: "13188029099598607869"
Cause
There is an issue with the format of the certificate in the metadata.
When setting up a partner in RSA FIM it is manditory that you import the certificate chain into the JKS truststore, optionally if a certificate is present in the metadata this certificate must match that in the truststore.  If you must update a partner certificate you must always update it in both places.
ResolutionDue to the requirement to trust the certificate in the truststore it is recommended that you do not include a certificate in the metadata.  If the partner cannot provide metata without a certificate you can remove the certificate by deleting the keyDescriptor information from the metadata.  Remove all data between these two tags, including the tags themselves. 
       <md:KeyDescriptor use="signing">
           
        </md:KeyDescriptor>
Legacy Article IDa61465

Attachments

    Outcomes