SAML - ADFS Log-out issue

Community Support
1

I’m trying to use SAML with ADFS as identity provider but I got an issue during log-out that is blocking it. When I click on log-out I’m redirect to the ADFS webpage but I get stucked on error MSIS7054. As far as I understand it seems to be an issue with the certification during the log-out procedure.

Anyone could help me?

Here the details and logs…

Error from the log-out ADFS webpage:

Activity ID: 02d14948-b72a-4ae4-720d-0080010000d5
Error details: MSIS7054: The SAML logout did not complete properly.
Node name: 07f6ffc9-3f3b-4eed-96ab-2d56388c1d68
Error time: Wed, 09 Nov 2022 16:19:16 GMT
Cookie: enabled
User agent string: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:106.0) Gecko/20100101 Firefox/106.0

ADFS logs:

The verification of the SAML message signature failed.
Message issuer: https://**********/rocket-chat/_saml/metadata/adfs-*****-com
Exception details:
MSIS7084: SAML logout request and logout response messages must be signed when using SAML HTTP Redirect or HTTP POST binding.

This request failed.

User Action
Verify that the message issuer configuration in the AD FS configuration database is up to date.
Configure the signing certificate for the specified issuer.
Verify that the issuer’s certificate is up to date.
Verify the issuer and server message signing requirements.

Rocket Chat logs:

I20221110-16:26:30.571(1) [2022-11-10T15:26:30.570Z] USERLVL (Meteor/31310 on ip-172-31-31-65): method: “samlLogout” userId: “iBDrzNcQ6B2W8DWgd” userAgent: “Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36” referer: “” remoteIP: “*******” instanceId: “S7hZq3dHP8DMjA6EJ” I20221110-16:26:30.577(1) [2022-11-10T15:26:30.577Z] USERLVL (API/31310 on ip-172-31-31-65): status: 200 responseTime: 7 method: “POST” url: “/api/v1/method.call/samlLogout” userId: “iBDrzNcQ6B2W8DWgd” userAgent: “Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36” length: “111” host: “**" referer: “” remoteIP: "”

Server Setup Information

    Version of Rocket.Chat Server: 4.1.0-17.7
    Operating System: Debian 9
    Deployment Method: tar
    Number of Running Instances: 1
    DB Replicaset Oplog:
    NodeJS Version: 12.22.1
    MongoDB Version: 5.0.2
    Proxy: nginx
    Firewalls involved: yes

Screenshot_ADFS
Screenshot_ADFS852×479 17.4 KB