ADFS 2 - Signature error

Hello. When working with ADFS 2 (running your sample), ADFS cannot validate the signature on the SSO request. If I remove the signature lines:

X509Certificate2 x509Certificate = (X509Certificate2)Application[Global.SPCertKey];
// Sign the authentication request.
authnRequest.Sign(x509Certificate);

everything works fine. The error in the ADFS event log is:

The Federation Service encountered an error while processing the SAML authentication request.
Additional Data
Exception details:
Microsoft.IdentityModel.Protocols.XmlSignature.SignatureVerificationFailedException: ID4037: The key needed to verify the signature could not be resolved from the following security key identifier 'SecurityKeyIdentifier ( IsReadOnly = False, Count = 1, Clause[0] = Microsoft.IdentityServer.Tokens.MSISSecurityKeyIdentifierClause ) '. Ensure that the SecurityTokenResolver is populated with the required key.
at Microsoft.IdentityModel.Protocols.XmlSignature.EnvelopedSignatureReader.ResolveSigningCredentials()
at Microsoft.IdentityModel.Protocols.XmlSignature.EnvelopedSignatureReader.OnEndOfRootElement()
at Microsoft.IdentityModel.Protocols.XmlSignature.EnvelopedSignatureReader.Read()
at System.Xml.XmlReader.ReadEndElement()
at Microsoft.IdentityServer.Protocols.Saml.SamlProtocolSerializer.ReadAuthnRequest(XmlReader reader)
at Microsoft.IdentityServer.Protocols.Saml.SamlProtocolSerializer.ReadSamlMessage(XmlReader reader, NamespaceContext context)
at Microsoft.IdentityServer.Protocols.Saml.HttpSamlBindingSerializer.ReadProtocolMessage(String encodedSamlMessage)
at Microsoft.IdentityServer.Protocols.Saml.Contract.SamlContractUtility.CreateSamlMessage(MSISSamlBindingMessage message)
at Microsoft.IdentityServer.Service.SamlProtocol.SamlProtocolService.CreateErrorMessage(CreateErrorMessageRequest createErrorMessageRequest)
at Microsoft.IdentityServer.Service.SamlProtocol.SamlProtocolService.ProcessRequest(Message requestMessage)

This is the request XML (from authnRequest.GetXml().OuterXml):
[request XML omitted: its element tags were lost in extraction and only the base64 DigestValue, SignatureValue and X509Certificate contents remained]

Thanks, Dror S
edited 12/6/2017 11:37:24 AM
asked 7/22/2015 3:18:38 PM
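ID4037 says ADFS could not map the KeyInfo clause in the request to a key it trusts, which is a different failure from the signature itself being invalid. The PowerShell check below is an added diagnostic, not code from the post or from the ComponentPro library; it assumes the request XML was saved from authnRequest.GetXml().OuterXml to .\authnrequest.xml, that the relying party trust is named 'Example SP', and that it runs on the ADFS 2.0 server with the Microsoft.Adfs.PowerShell snap-in.

```powershell
# Added diagnostic for ID4037: does the certificate embedded in the signed
# AuthnRequest match a request-signing certificate registered on the RP trust?
# Assumed names: .\authnrequest.xml (saved request), trust 'Example SP'.
Add-PSSnapin Microsoft.Adfs.PowerShell -ErrorAction SilentlyContinue  # ADFS 2.0 cmdlets
Add-Type -AssemblyName System.Security                               # SignedXml lives here

[xml]$req = Get-Content -Raw .\authnrequest.xml
$ns = New-Object System.Xml.XmlNamespaceManager $req.NameTable
$ns.AddNamespace('ds', 'http://www.w3.org/2000/09/xmldsig#')

# 1. The certificate the SP placed in <ds:KeyInfo>. ADFS resolves the signing
#    key from this clause, so it must already be registered on the trust.
$sigNode  = $req.SelectSingleNode('//ds:Signature', $ns)
$b64      = $req.SelectSingleNode('//ds:X509Certificate', $ns).InnerText
$embedded = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 (,[Convert]::FromBase64String($b64))
"Embedded cert: $($embedded.Subject) [$($embedded.Thumbprint)] valid until $($embedded.NotAfter)"

# 2. Verify the enveloped signature locally with the embedded public key.
#    False here means the XML changed after signing (e.g. re-serialisation or
#    prefix rewriting), which is a separate problem from key resolution.
$signed = New-Object System.Security.Cryptography.Xml.SignedXml $req
$signed.LoadXml([System.Xml.XmlElement]$sigNode)
"Signature verifies with embedded key: $($signed.CheckSignature($embedded, $true))"

# 3. Compare with what the relying party trust actually has registered.
$rp         = Get-ADFSRelyingPartyTrust -Name 'Example SP'
$registered = @($rp.RequestSigningCertificate | ForEach-Object { $_.Thumbprint })
"Registered request-signing thumbprints: $($registered -join ', ')"
if ($registered -notcontains $embedded.Thumbprint) {
    Write-Warning "Embedded cert is not registered on this trust; ADFS will raise ID4037."
    Write-Warning "Register it: Set-ADFSRelyingPartyTrust -TargetName 'Example SP' -RequestSigningCertificate `$embedded"
}
```

If step 2 prints True but the thumbprint is missing from step 3, the fix is on the ADFS side (register the SP certificate); if step 2 prints False, look at how the XML is altered between signing and sending.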

1 Answer

Please check your ADFS configuration to see whether it requires the ds prefix in the XML signature. See the following topic on how to alter the XML code: http://www.componentpro.com/doc/saml/altering-saml-xml-elements.htm

answered 11/16/2017 12:41:37 AM
