
I am implementing SSO between a custom PHP app and an in-house Tableau server using SAML. I chose auth0 as my identity provider. I got it working with a test version of the app running in a Vagrant VM. But when I tried to get it working from the production app, auth0 rejected the initial login. They said this is because the SSL cert for the site is not trusted. The company that hosts the app also provides the certs, and they want more money than the company is willing to spend to get trusted certs. Nor will they allow a third-party cert to be installed.

Does anyone know if there is a way to disable the checking for a trusted cert at auth0?

Does anyone know of any IdPs other than auth0 that will work with an untrusted cert?

Larry Martell
  • "But when I tried to get it working from the production app auth0 rejected the initial login. They said this is because the SSL cert for the site is not trusted." Are you sure that they meant SSL cert, and not signing cert? – Andrew K. Aug 09 '17 at 21:09
  • I don't know. They referred me to 2 sites, `https://sslanalyzer.comodoca.com` and `https://www.sslshopper.com/ssl-checker.htm`, and pointed out that when I put the domain in it said `The certificate is not trusted in all web browsers. You may need to install an Intermediate/chain certificate to link it to a trusted root certificate.` The company that issued the cert wants $800 to do this, which I do not think is a lot, but the company does and does not want to pay it. So I am looking for a workaround. – Larry Martell Aug 09 '17 at 22:16
  • Just merge the certificates yourself... If it's a commercial CA, you can get the intermediate(s) and concatenate them in a text editor if they are the Base64 encoded certificates. The CA has to make those certificates available. If not, go to any number of big name commercial CAs, and get a new certificate for less than $50. – Andrew K. Aug 10 '17 at 12:35
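
The concatenation described in the last comment, as an added example that is not part of the original thread: it builds a throwaway three-level PKI with the `openssl` CLI (assumed to be installed) and shows that the server certificate alone cannot be linked to the root, while the server certificate followed by its intermediate can. All names (`Demo Root CA`, `app.example.test`, the file names) are constructed; in the real case the root is the commercial CA's root and the intermediate is the file that CA publishes.

```shell
# Added example: every name and key below is constructed for the demo.
set -eu

# Build a throwaway root CA, intermediate CA and server (leaf) cert in dir $1.
build_demo_pki() {
  pki="$1"
  cat > "$pki/demo.cnf" <<'EOF'
[req]
distinguished_name = dn
prompt = no
[dn]
CN = unused
[v3_ca]
basicConstraints = critical,CA:TRUE
[v3_leaf]
basicConstraints = CA:FALSE
subjectAltName = DNS:app.example.test
EOF
  openssl req -x509 -newkey rsa:2048 -nodes -days 30 -config "$pki/demo.cnf" \
    -extensions v3_ca -subj "/CN=Demo Root CA" \
    -keyout "$pki/root.key" -out "$pki/root.pem" 2>/dev/null
  for name in intermediate leaf; do
    openssl req -new -newkey rsa:2048 -nodes -config "$pki/demo.cnf" \
      -subj "/CN=demo-$name" -keyout "$pki/$name.key" -out "$pki/$name.csr" 2>/dev/null
  done
  openssl x509 -req -in "$pki/intermediate.csr" -days 30 -CAcreateserial \
    -CA "$pki/root.pem" -CAkey "$pki/root.key" -extfile "$pki/demo.cnf" \
    -extensions v3_ca -out "$pki/intermediate.pem" 2>/dev/null
  openssl x509 -req -in "$pki/leaf.csr" -days 30 -CAcreateserial \
    -CA "$pki/intermediate.pem" -CAkey "$pki/intermediate.key" \
    -extfile "$pki/demo.cnf" -extensions v3_leaf -out "$pki/leaf.pem" 2>/dev/null
}

# chain_status ROOT BUNDLE: the first cert in BUNDLE is the server cert, the
# rest are the intermediates the server would send. Only ROOT is trusted.
chain_status() {
  if openssl verify -CAfile "$1" -untrusted "$2" "$2" >/dev/null 2>&1; then
    echo trusted
  else
    echo incomplete
  fi
}

work="$(mktemp -d)"
build_demo_pki "$work"
# The fix from the comment: server cert first, then the intermediate(s).
cat "$work/leaf.pem" "$work/intermediate.pem" > "$work/fullchain.pem"
echo "leaf only: $(chain_status "$work/root.pem" "$work/leaf.pem")"
echo "fullchain: $(chain_status "$work/root.pem" "$work/fullchain.pem")"
```

The resulting bundle is what the web server presents in place of the bare server certificate; the private key and the certificate itself are unchanged.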

0 Answers