Error 400 - Bad request Contact your system administrator. The user cannot be authenticated by the SAML response through the following virtual proxy:
Article Number: 000049698 | Last Modified: 2018/06/12
When setting up SP initiated SAML Authentication with a 3rd party SSL and custom ports, login fails with a "Error 400 - Bad request Contact your system administrator. The user cannot be authenticated by the SAML response through the following virtual proxy"
The certificate was checked to ensure it read Provider = Microsoft Enhanced RSA and AES Cryptographic Provider, but authentication is still failing a 400 error, with very little indication as to what was occurring in the logging.
Custom ports are not always reflected in the metadata, which causes the connection to attempt on the standard secure port (443)
Check the metadata that is uploaded from the Identity Provider in the Qlik Management Console to ensure the port number is not listed, or utilizing the custom port.
In the metadata, you will see the POST and Redirect URL's using the standard port (443), though port 1443 is specified in the proxy.
Change the URL to read the correct custom port number specified in the proxy.