The element 'X509IssuerSerial' in namespace 'http://www.w3.org/2000/09/xmldsig#' has incomplete content
Article Number: 000027633 | Last Modified: 2019/01/17
When setting up virtual proxy with SAML, the following error might occur when choosing the identity provider metadata file.
Although it’s legal to include this information in this tag, most of the time it will be included is the <X509Certificate> tag itself.
The XML schema specification places no default restrictions on the length of an integer but Microsoft seems to perfmon some sort of check, possibly in anticipation of storing it in a .NET integer object.
Security-wise, this doesn’t matter as long as you trust the source of the metadata.
This is caused by a limitation in .NET framework to validate very long integers.
Qlik Sense is using a third-party library (Component Space) to validate the metadata file.
The solution is to remove the X509IssuerSerial tag manually from the metadata file.
This has been confirmed with Component space that this won't affect functionality nor security to do so.