GP Agent SAML Authentication Warning: "The name of the security certificate is invalid or does not match the name of the site."
6910
Created On 02/04/20 21:28 PM - Last Modified 02/20/20 17:18 PM
Symptom
Imagine the below scenario for GP Authentication using OKTA SAML as the Identity provider
- User selects valid portal to connect to
- User is prompted with pop-up window and redirected to the appropriate IDP splash screen
- After user enters their credentials they are redirected back to the portal but greeted by a cert warning
- When accessing the portal from the browser the user gets a certificate warning splash screen
Environment
- SAML integration
- All GP Agents
Cause
This certificate warning occurs when the common name associated to the certificate and the base URL used for the SAML redirection does not match.
Note: GP Agent uses IE to display the dialogue box for the user-logon prompt
Resolution
To correct this issue change the base-url to match the common name within the cert
Example:
After making this change you should not see the warning during logon via the GP Agent/Application
Certificate when accessing portal should now also show trusted
Additional Information
Note: This error pertains to the warning "The name of the security certificate is invalid or does not match the name of the site" seen in the security alert.