This content has been marked as final. Show 2 replies
No it is not a requirement that the /saml:Assertion/@Issuer equals the Subject DN of the issuer's certificate.
The OEG prepopulates the drop down in the "Trusted Issuers" with the contents of the certificate store, but you can just enter any text here. But the text entered mut match the text of the /saml:Assertion/@Issuer