签名验证失败 [英] Signature validation failed

问题描述

当我运行mvc应用程序时，我将身份服务器4与Asp.net应用程序MVC 4.5.2一起使用，它进入身份服务器4并显示登录页面.然后在填充凭据后，它会验证凭据，并且我将重定向到我的Mvc 5应用程序，但有时会出现此错误.

I am using Identity server 4 with Asp.net application MVC 4.5.2 when i run the mvc application its comes to identity server 4 and shows login page. then after filling the credentials it validates the credentials and i have taken redirect to my Mvc 5 application, but sometimes i take this error.

IDX10500: Signature validation failed. Unable to resolve 
SecurityKeyIdentifier: 'SecurityKeyIdentifier
(
IsReadOnly = False,
Count = 1,
Clause[0] = System.IdentityModel.Tokens.NamedKeySecurityKeyIdentifierClause
)
', 
token:
'{"alg":"RS256","kid":"20200ac5c987a7282847568c7d00dc26","typ":"JWT".
{"nbf":1487015385,"exp":1487015685,"iss":"https://localhost:44348","aud":"mvc","nonce":"636226121849994491.YTcxMjQ2ZDQtOWVlNC00MDk3LWJhOGYtYTIxNmM4OGFkZjU3NDFhODgzMWMtMmQ4OS00OTRmLWJiMzAtZWM1NzYyZjM3MTI2","iat":1487015385,"c_hash":"qzzLGWDykED_OIG0-TIF8w","sid":"174a7048a9521e2c99462e9b681553ae","sub":"c880d185-f7a1-422b-8cce-dff8142a1a3b","auth_time":1487014828,"idp":"local","amr":["pwd"]}'.

推荐答案

当您说有时"时，这听起来像是您在IdentityServer4中使用AddTemporarySigningCredentials选项.

When you say "sometimes" this sounds to me like you are using the AddTemporarySigningCredentials option in IdentityServer4.

这意味着每次主机启动时都会创建新的密钥材料.

This means that new key material will get created on each startup of the host.

在您的情况下，MVC应用程序具有密钥材料的缓存版本，因此不同步.

In your case the MVC application has a cached version of the key material and thus gets out of sync.

尝试设置静态键-例如使用X509证书:

Try setting static keys - e.g. using an X509 cert:

https://brockallen. com/2015/06/01/makecert-and-creating-ssl-or-signing-certificates/

这篇关于签名验证失败的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！