Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
Problem SSO: INVALID SIGNATURE > WHY?
Hello, I need help to configure SINGLE SIGN ON (SSO) in vanilla forum with wordpress.
I have a new installation of Vanilla Forums v2.3 with jsConnect to created a connection with wordpress by using the vanilla forum plugin for wordpress.
I set up a connection. SSO works fine in test mode. However, once I take the connection out of test mode I get the red "Invalid Signature" error.
Can some please help me??
Are both sites on the same server?
Do you have the hash set to
sha1in the connection settings in the Vanilla dashboard?
no, both sites are not on the same server. does this matter?
hash is set to md5 (default), why do I need to set it to sha1?
I just set the hash to sha1. still the same error: invalid signature
No , do not set it to sha1, that has been found to be compromised. Use a Higher one, Sha 256
Please follow the tutorial except the sha part. http://docs.vanillaforums.com/help/sso/jsconnect/seamless/
❌ ✊ ♥. ¸. ••. ¸♥¸. ••. ¸♥ ✊ ❌
No, but it can help in debugging to know this because hashing requires certain things to be installed on a server.
You don't; again, trying to get enough information to know what you're doing.
Next, I'd make sure you're putting the keys in alphabetical order before hashing. That's a common mistake to forget that step.
Lastly, I'd confirm the hashes you're creating by comparing them with an online generator.