I have recently migrated my application from one server to another, and upon startup of Tomcat, I'm receiving an exception when Spring SAML is trying to verify the trust of the signature held in my metadata file.
ERROR 2016-10-24 18:34:56,728 AbstractReloadingMetadataProvider:398 processNonExpiredMetadata-> Error filtering metadata from /sites/thisapplication/webapps/rts/WEB-INF/classes/blablabla.xml org.opensaml.saml2.metadata.provider.FilterException: Signature trust establishment failed for metadata entry
Does anyone have any idea why this might be failing? The configured Java keystore hasn't changed, and I can still see the correct certificate when I view all certificates within the keystore.
I know I can set the argument metadataTrustCheck to false in my ExtendedMetadataDelegate bean, but I'd rather ensure the issue is addressed than ignored.
Just in case this is useful, the old server uses Sun/Oracle's version of Java 6, but the new one uses OpenJDK Java 6.
Thanks in advance!
P.S. I'm using the latest Spring SAML release (1.0.2.RELEASE) alongside Spring 3.1.1.
