1. Make sure you have configured the Federate authentication as illustrated at http://help.bizagi.com/bpmsuite/en/index.html?sso_authentication.htm.
Note that your identity provider should support the protocols and versions listed as requisites.
2. Verify that certificates are imported correctly at the Java Keystore of the JVM being used by the server.
For instance when using auto-signed certificates (or a development-environment CA) you may need to explicitly install/import such certificates.
If you are using Bizagi JEE Plug-in, install them at C:\BizagiJEE\[Bizagi_version]\jdk6\jre\lib\security\cacerts\.
Otherwise, install them at the JVM used by that server.
3. Verify your server certificates validity.
When having the certificate installed, open its detail to check its status.
The following image shows an invalid certificate:
The following image shows a valid certificate:
If the certificate is invalid, you will need to make sure you use a valid one and re-install/re-import it at the Java Keystore of the JVM.