This happens when Apache is misconfigured by allowing mod_ssl to validate the certificate. Edit the shibboleth2.xml file 4. All possible status URLs for both SP and IdP return successfull results. The certificate that was used to sign the message didn't match the one the SP expected based on metadata. his comment is here
What to do when majority of the students do not bother to do peer grading assignment? Thanks. Obviously it's absolutely impossibile it can't find out metadata cause metadata file it's always in the same position. Note that it didn't do that by accident, you had to have put a RequireValidUntil metadata filter into it (which is generally advisable depending on the trust model in use, but see here
supplied TrustEngine failed to validate SSL/TLS server certificate The IdP's metadata provides the rules for determining whether a certificate used for a signature or found at a SOAP endpoint is acceptable. The protected site is hosted on local IIS and is accessible via http://bios-hp/secure URL where I get the error. Cantor, Scott E.