I imported a SAML auth from v18 to v19.0.1 via JSON export->import. Now the SAML auth fails for Nextcloud with:
request validation failed: org.keycloak.common.VerificationException: Certificate is not valid. at org.keycloak.protocol.saml.SamlProtocolUtils.getPublicKey(SamlProtocolUtils.java:138)
I can’t find anything on the net about this that is actually about Keycloak / Nextcloud and can help here.
Trying to fix it, I went and “regenerated” the cert key (*), but then I’m getting errors in Nextcloud when trying to import the new key:
Failure Signing Data: error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag - SHA256
I’m not sure what to do now. I did fix the identifier for the new URL scheme in Keycloak.
Another thing I’m not so sure about is the new Client Authenticator part. When importing the whole realm, the secret for this is left “undefined” internally, based on my “copy secret” response. But when importing this specific client, it’s set to “client id and secret” with a random secret. As this is a test setup, I can give more details if required.
(*) keys->certificate->regenerate, as importing wasn’t possible from ---begin certificate--- + private key