View Source

ISSUE

In a system where OWA is secured by DualShield MFA via WS-Federation, after the user has been successfully verified by DualShield SSO, the browser shows error "Something wen wrong" with "WrongAudienceUriOrBadSigningCert" in the URL

DualShield MFA Platform > OWA Error - WrongAudienceUriOrBadSigningCert > image2022-6-3_14-56-15.png

CAUSE

This error “WrongAudienceUriOrBadSigningCert” is typically caused 2 mistakes:

An incorrect IdP signing certificate
An incorrect Exchange FQDN – the FQDN used in the PS script MUST be the same as the FQDN that you use to visit your OWA pages

RESOLUTION

This error “WrongAudienceUriOrBadSigningCert” is typically caused 2 things

1 - You must download the correct DualShield IdP certificate, and use it in the setup as the "idpCertFile"

DualShield MFA Platform > OWA Error - WrongAudienceUriOrBadSigningCert > image2022-6-3_15-6-59.png

2 - The FQDN provided as the "ExchangeFQDN" in the setup MUST be the same as the FQDN that you use to visit your OWA pages

DualShield MFA Platform > OWA Error - WrongAudienceUriOrBadSigningCert > image2022-6-3_15-9-33.png