cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Active Contributor

Cannot find signing certificate configured.

I have set up federated login through this guide on my development environment. Provisioning users works but when the user tries to activate their account through the email they received they get this certificate error.

 

AADSTS500031: Cannot find signing certificate configured.

 

I can not find anything about certificates in the guide, or anything about the error on Google (except for SSO which I am not using).

 

Has anyone else experienced this error?

24 REPLIES 24
Highlighted
New Contributor

Re: Cannot find signing certificate configured.

I have the same issue. Did you ever figure this out?
Highlighted
Active Contributor

Re: Cannot find signing certificate configured.

I contacted Lastpass and they gave me this workaround (which I can confirm works)

 

When creating the new enterprise application in Azure AD you will have to use the old interface by clicking:
Click here to switch back to the old app gallery experience
Non-Gallery application
(continue following guide)

Highlighted
New Contributor

Re: Cannot find signing certificate configured.

Thanks for the quick reply. Interesting because the instructions show using the new experience.
Highlighted
Active Contributor

Re: Cannot find signing certificate configured.

Yes very interesting, but it might also be recently introduced issue which did not exist when the manual was created. Lastpass has a bug report open.

Here's the original reply:

Hello Thomas,

This seems to be stemming from a discrepancy between microsofts behavior on their new App gallery UI, where signing certificates are assumed for federated integrations. This is not the case in the old Microsoft App gallery. 

We have a bug report open currently for this issue and I will add your case to it. While our team addresses this issue, the workaround is to set this integration up using the old App gallery UI. I have attached screenshots displaying what the old and new gallery UI's look like for your review.

New_APP_GalleryUI.pngOld_APP_GalleryUI.png

Highlighted
New Contributor

Re: Cannot find signing certificate configured.

Thanks for the info, I ended up opening a ticket too to see what they say. I hope I don't have to go through the setup again, it wasn't the easiest to follow.
Highlighted
New Contributor

Re: Cannot find signing certificate configured.

Anyway, how do you like it so far? I'm trying to decide between this and keeper cloud sso.
Highlighted
Active Contributor

Re: Cannot find signing certificate configured.

Im liking it so far, the guide was a bit intimidating at the beginning but I would be able to set it up in 20 minutes after trying it a few times.

(I tried it out in a free office365 development area)

 

Im planning on making a small guide for employees to set up their LastPass, but it seems to be simply activating and using LastPass.

 

From what I read SSO seems to have a big (permanent) impact, ie. if I set up SSO with LastPass, my users will have to login through Lastpass to access their Office 365 account, and apart from that none of the other services we use support SSO yet.

Upside from federated logins is that I can add employees in stages, so probably 1 department at a time.

 

Im now looking into federated logins with Google, allowing employees to use the same account to log in to Office365(main), Lastpass, and their Chromebooks. Where Office365 handles logins and 2FA.

Highlighted
New Contributor

Re: Cannot find signing certificate configured.

Lastpass Federated login - Allows user to login to lastpass with their O365 credentials.

 

Keeper Cloud SSO - Similar to lastpass but the user will be logged into keeper automatically if already authenticated with O365.  Also need to toggle the option to disable Single Sign OUT otherwise hitting sign-out on keeper would sign them out of O365.

 

I prefer the lastpass Same sign in method, not single sign in but either seems like they would work fine.  It's nice how Keeper has an enterprise app in the catalog but with lastpass, we have to create a custom app.  Downside of keeper is they have no community for discussions like this.

Highlighted
Active Contributor

Re: Cannot find signing certificate configured.

I prefer the LastPass method aswell, and keep in mind: You only have to set it up once 😉

Lastpass' 24/7 support line helped me great a few days ago, we're definately staying with LastPass