SAML Integration Invalid thumbprint for a valid certificate

A few days back, we created an SSO connection, with a certificate expiring in 2033 (+10 years).
It worked great for a couple of days till yesterday.
Since yesterday, I am getting - Invalid thumbprint - error.
We didn’t change the certificate, no one altered the certificate.
In the SAML payload, I am getting the exact same certificate!!
Where else can I look for the issue?

Hi @rahul-asati

Welcome to the Auth0 Community.

An invalid thumbprint error does suggest a change in the certificate either on the connection (you’ve already mentioned this has not changed) but it may have changed on the IdP end. Check the connection’s configured certificate and compare it with the IdP’s certificate sent in the SAML response - either from a HAR file (network tab on the browser dev tools) or tenant logs if debug mode is enabled - one of the certificates may be expired, or one of the parties involved has rolled over their certificate.

You can also review this related community post for more information https://community.auth0.com/t/saml-sso-invalid-thumbprint-error/91165

Please get back in touch with us if you need further information.

Warm regards.
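
The comparison suggested in the reply above, as an added example that is not part of the original thread and is not Auth0's own code: it pulls every `ds:X509Certificate` out of a captured `SAMLResponse` value and compares its thumbprint with that of the configured certificate. It assumes the thumbprint is the SHA-1 digest of the DER-encoded certificate; the function names and the sample certificates (placeholder bytes, not real X.509) are constructed for illustration.

```python
import base64
import hashlib
import re
import xml.etree.ElementTree as ET
from urllib.parse import unquote

DS = "{http://www.w3.org/2000/09/xmldsig#}"

def thumbprint(der: bytes) -> str:
    # Assumption: thumbprint = SHA-1 digest of the DER-encoded certificate, hex.
    return hashlib.sha1(der).hexdigest().upper()

def pem_to_der(text: str) -> bytes:
    # Accepts PEM or bare base64; drops armor lines and all whitespace.
    body = re.sub(r"-----(BEGIN|END) CERTIFICATE-----|\s+", "", text)
    return base64.b64decode(body, validate=True)

def response_thumbprints(saml_response: str) -> list:
    # saml_response: the SAMLResponse form value as copied from a HAR file
    # (base64, possibly still URL-encoded). Diagnostic use on your own capture;
    # use a hardened XML parser for untrusted input.
    xml = base64.b64decode(unquote(saml_response).strip())
    certs = ET.fromstring(xml).iter(DS + "X509Certificate")
    return [thumbprint(pem_to_der(c.text or "")) for c in certs]

def compare(configured_pem: str, saml_response: str) -> list:
    # One (thumbprint, matches_configured) pair per certificate in the response.
    expected = thumbprint(pem_to_der(configured_pem))
    return [(tp, tp == expected) for tp in response_thumbprints(saml_response)]

def make_sample(der: bytes) -> str:
    # Constructed SAMLResponse carrying `der` in a line-wrapped KeyInfo element.
    b64 = base64.b64encode(der).decode()
    wrapped = "\n".join(b64[i:i + 16] for i in range(0, len(b64), 16))
    xml = ('<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
           'xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:Signature><ds:KeyInfo>'
           f'<ds:X509Data><ds:X509Certificate>\n{wrapped}\n</ds:X509Certificate>'
           '</ds:X509Data></ds:KeyInfo></ds:Signature></samlp:Response>')
    return base64.b64encode(xml.encode()).decode()

# Constructed placeholder bytes standing in for two DER certificates.
OLD_CERT = b"constructed-der-bytes-configured-on-connection"
NEW_CERT = b"constructed-der-bytes-after-idp-rollover"
CONFIGURED_PEM = ("-----BEGIN CERTIFICATE-----\n"
                  + base64.b64encode(OLD_CERT).decode()
                  + "\n-----END CERTIFICATE-----\n")

if __name__ == "__main__":
    for label, der in (("before rollover", OLD_CERT), ("after rollover", NEW_CERT)):
        print(label, compare(CONFIGURED_PEM, make_sample(der)))
```

A `False` on a real capture means the IdP signed the response with a different certificate than the one uploaded to the connection, which is what a rollover on the IdP side looks like.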
