Could not authenticate you from SAML because "Fingerprint mismatch"

I am trying to connect GitLab and Keycloak using SAML; however, I get a “Fingerprint mismatch” error. I have tried setting the idp_cert to the following.

idp_cert: '-----BEGIN CERTIFICATE-----<MY_CERTIFICATE>-----END CERTIFICATE-----'

I have also tried the fingerprint instead.

idp_cert_fingerprint: '52:64:B4:A9:36:BC:57:67:28:0E:BF:14:2C:5C:E2:1C:79:27:D9:B0'

In both cases, I get the same “Fingerprint mismatch” error. I have checked many times that the certificate I am using is the correct certificate used in Keycloak.

I am having the same problem.

@mounikakella @codejamninja I had the same issue. I resolved it like so:

In my case, I was trying to use my IDP's SSL certification fingerprint.

Instead, I had to use my IDP's generated SSL certification. In Keycloak, this is in the realm settings > keys > RSA > Certificate. I had to set the idp_cert field to

idp_cert: '-----BEGIN CERTIFICATE-----<MY_IDP_GENERATED_CERTIFICATE>-----END CERTIFICATE-----'

Use the ‘SAML’ Chrome plugin to see what certificate your IDP is sending to your GitLab instance. GitLab needs to use this certificate.

I hope this was helpful!
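
A way to check which certificate GitLab is being asked to trust, as an added example (not part of the thread and not GitLab's or Keycloak's own code): it fingerprints the certificate embedded in a SAML response and compares it with a configured value. The two certificates and the response are constructed at runtime as sample data, and SHA-1 is assumed because the fingerprint in the question is 20 bytes long.

```ruby
require "openssl"
require "base64"
require "digest"

# Format certificate DER bytes as a colon-separated SHA-1 fingerprint,
# the same shape as the idp_cert_fingerprint value in the question.
def fingerprint(der)
  Digest::SHA1.hexdigest(der).upcase.scan(/../).join(":")
end

# Extract the first X509Certificate element from a SAML response and fingerprint it.
def signing_cert_fingerprint(saml_xml)
  b64 = saml_xml[%r{<(?:\w+:)?X509Certificate>\s*(.*?)\s*</(?:\w+:)?X509Certificate>}m, 1]
  raise ArgumentError, "no X509Certificate in response" unless b64
  fingerprint(Base64.decode64(b64))
end

# Compare a configured fingerprint with the one in the response, ignoring case and separators.
def fingerprint_matches?(configured, saml_xml)
  norm = ->(s) { s.gsub(/[^0-9a-fA-F]/, "").upcase }
  norm.(configured) == norm.(signing_cert_fingerprint(saml_xml))
end

# Constructed sample data: a throwaway self-signed certificate.
def sample_cert(cn)
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = 1
  cert.subject = cert.issuer = OpenSSL::X509::Name.parse("/CN=#{cn}")
  cert.public_key = key.public_key
  cert.not_before = Time.now
  cert.not_after = Time.now + 3600
  cert.sign(key, OpenSSL::Digest.new("SHA256"))
  cert
end

REALM_CERT = sample_cert("realm-signing-key") # stands in for the realm's RSA key certificate
TLS_CERT   = sample_cert("idp.example.test")  # stands in for the IdP's HTTPS certificate
SAMPLE_RESPONSE = <<~XML
  <samlp:Response><ds:Signature><ds:KeyInfo><ds:X509Data>
  <ds:X509Certificate>#{Base64.strict_encode64(REALM_CERT.to_der)}</ds:X509Certificate>
  </ds:X509Data></ds:KeyInfo></ds:Signature></samlp:Response>
XML

puts "in response:   #{signing_cert_fingerprint(SAMPLE_RESPONSE)}"
puts "TLS cert ok?   #{fingerprint_matches?(fingerprint(TLS_CERT.to_der), SAMPLE_RESPONSE)}"
puts "realm cert ok? #{fingerprint_matches?(fingerprint(REALM_CERT.to_der), SAMPLE_RESPONSE)}"
```

With a real deployment, the XML would be the base64-decoded SAMLResponse captured by a SAML tracer, and the configured value would be the idp_cert_fingerprint from the GitLab configuration.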

I got it to work. I have documented my Keycloak/GitLab SAML integration at the link below.

I followed the steps in https://github.com/codejamninja/keycloak-sso-configs/tree/master/gitlab but that did not solve it on my GitLab. Is there another step that I am missing?