If you encounter the error message "Error: malformed_certificate" while trying to access Digital Theatre+ using SAML SSO via Google Workspace, it typically indicates an issue with your SAML certificate.
Explanation
This error usually occurs due to one of the following reasons:
- The SAML certificate has expired.
- Changes were made to the SAML configuration on your end without informing Digital Theatre+.
- There is a mismatch between the SAML information on your end and what we have at Digital Theatre+.
- Multiple SAML certificates are active.
What to Do
To resolve this issue, please follow these steps:
1. Verify Certificate Status
- Check for Expiry:
- Ensure that your SAML certificate has not expired.
- Check for Changes:
- Verify that no changes have been made to your SAML configuration without notifying Digital Theatre+.
2. Ensure a Single Active Certificate
- Deactivate Extra Certificates:
- Make sure there is only one active SSO certificate in your Google Workspace configuration.
3. Provide Current Metadata
- Contact Digital Theatre+ Support:
- Send us your current SAML metadata so we can verify that the certificate matches what we have on our end.
4. Generate a New Certificate (if necessary)
- Create a New Certificate:
- If the issue persists, you may need to generate a new SAML certificate. Refer to our guide on Generating a New SAML Certificate.
Steps for IT Team to Check and Update SAML Certificate
-
Navigate to Google Admin Console:
- Go to the Google Admin console and select Apps > Web and mobile apps.
-
Select Digital Theatre+:
- Find and select the Digital Theatre+ SAML app.
-
Manage Certificates:
- Under SAML Certificates, ensure only one certificate is active.
- Check the validity and expiry date of the active certificate.
-
Update Metadata:
- If changes are made, update the metadata and send it to Digital Theatre+ support for verification.
Additional Help
If you need further assistance, please contact your IT team or refer to Google's documentation on managing SAML certificates.