Testing a SAML connection to Shibboleth IdP

andrewau
Kilo Contributor

I'm new to ServiceNow / SAML / Shibboleth so please go easy on me.

I have a Shibboleth IdP installed on my local PC.

I have tested it with TestShib, and all seems to be functioning as expected:
I can use TestShib as the SP, submit an auth request, and my IdP gets the request and returns the user assertion. All is well in the world.

So my next step is to test my IdP with ServiceNow.

I've set up a dev instance, clicked on Multi Provider SSO, created an IdP, imported my Shibboleth metadata, generated ServiceNow SP metadata and installed that in Shibboleth.

I attempt to 'Test Connection' and get this error:

        "Content was blocked because it was not signed by a valid security certificate."

Here is the log:

08/08/16 09:07:52 (101) Testing SSO: 456539e54fc5a200a4db44b18110c789
08/08/16 09:07:52 (106) Read from column : name, value: https://myidpidp/shibboleth
08/08/16 09:07:52 (107) Use the SSOHelper passed in.
08/08/16 09:07:52 (107) Read from column : service_url, value: https://dev<INSTANCE>.service-now.com/navpage.do
08/08/16 09:07:52 (108) Read from column : clock_skew, value: 60
08/08/16 09:07:52 (109) Read from column : idp_authnrequest_url, value: https://myidp/idp/profile/SAML2/Redirect/SSO
08/08/16 09:07:52 (110) Read from column : service_url, value: https://dev<INSTANCE>.service-now.com/navpage.do
08/08/16 09:07:52 (111) Read from column : force_authn, value: 0
08/08/16 09:07:52 (111) Read from column : is_passive, value: 0
08/08/16 09:07:52 (113) Read from column : issuer, value: https://dev<INSTANCE>.service-now.com
08/08/16 09:07:52 (113) Read from column : nameid_policy, value: urn:oasis:names:tc:SAML:2.0:nameid-format:transient
08/08/16 09:07:52 (114) Read from column : service_url, value: https://dev<INSTANCE>.service-now.com/navpage.do
08/08/16 09:07:52 (115) Read from column : idp_authnrequest_url, value: https://myidp/idp/profile/SAML2/Redirect/SSO
08/08/16 09:07:52 (116) Read from column : createrequestedauthncontext, value: 0
08/08/16 09:07:52 (121) SAML Request xml: <saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceURL="https://dev<INSTANCE>.service-now.com/navpage.do" Destination="https://myidp/idp/profile/SAML2/Redirect/SSO" ForceAuthn="true" ID="SNC90bd818425f22910d30629ad62e23236" IsPassive="false" IssueInstant="2016-08-07T23:07:52.112Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" ProviderName="https://dev<INSTANCE>.service-now.com/navpage.do" Version="2.0"><saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://dev<INSTANCE>.service-now.com</saml2:Issuer><saml2p:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/></saml2p:AuthnRequest>
08/08/16 09:07:52 (124) Stripping down the serviceURL: https://dev<INSTANCE>.service-now.com/navpage.do to a base URL of: https://dev<INSTANCE>.service-now.com
08/08/16 09:07:52 (125) Generating a Test Connection Relay State of: https://dev<INSTANCE>.service-now.com/navpage.doSNCRSEPsysparm_saml_tc=true&glide_sso_id=456539e54fc5a200a4db44b18110c789&exit_name=MultiSSO
08/08/16 09:07:52 (126) Read from column : require_signed_authnrequest, value: 0
08/08/16 09:07:52 (126) Redirecting to: https://myidp/idp/profile/SAML2/Redirect/SSO?SAMLRequest=lVLLTsMwEPyVyPfEiUtDazWVSitEJR5RUzhwc%2BNNa...
08/08/16 09:07:52 (127) Generated request ID: SNC90bd818425f22910d30629ad62e23236

Can anyone help me get this working?

Your help is much appreciated,

Andrew.

1 ACCEPTED SOLUTION

Hey Andrew,

What is your "

Please take a look at : Shibboleth - Users - Help getting started with idp v3, getting error " Validation failure: Failed to...

As they suggest, set idp.encryption.optional to true.

If this still doesn't work, your Shibboleth might still want a signed AuthRequest. But try the above first and see how it goes.

Regards,

Mohamad


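The accepted answer turns on two facts about the SP metadata that was imported into the IdP: whether the SP publishes an encryption key (without one, an IdP with idp.encryption.optional left at false fails instead of issuing an unencrypted assertion) and whether it signs its AuthnRequests. The following is an added diagnostic, not code from this thread, ServiceNow or Shibboleth; it inspects a constructed SP metadata sample with a placeholder hostname and certificate and reports both properties.

```python
# Added example: inspect SAML SP metadata for the two properties the
# accepted answer depends on. Not code from the thread or either product.
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata"}

# Constructed sample in the shape of an SP metadata export: a signing
# certificate only, no encryption KeyDescriptor, unsigned AuthnRequests.
# The hostname and certificate are placeholders, not real values.
SAMPLE_SP_METADATA = """<md:EntityDescriptor
    xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    entityID="https://dev-example.service-now.com">
  <md:SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="true"
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing">
      <ds:KeyInfo><ds:X509Data>
        <ds:X509Certificate>PLACEHOLDER_BASE64_CERT</ds:X509Certificate>
      </ds:X509Data></ds:KeyInfo>
    </md:KeyDescriptor>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""

def inspect_sp_metadata(xml_text):
    """Return the facts that decide whether the IdP can encrypt the assertion
    and whether it may legitimately demand a signed request."""
    root = ET.fromstring(xml_text)
    sp = root.find("md:SPSSODescriptor", NS)
    if sp is None:
        raise ValueError("metadata has no SPSSODescriptor")
    uses = [kd.get("use") for kd in sp.findall("md:KeyDescriptor", NS)]
    # Per the SAML metadata spec a KeyDescriptor with no 'use' attribute is
    # valid for both signing and encryption, so None counts as encryption.
    return {
        "entity_id": root.get("entityID"),
        "has_encryption_key": any(u in (None, "encryption") for u in uses),
        "authn_requests_signed": sp.get("AuthnRequestsSigned", "false") == "true",
        "want_assertions_signed": sp.get("WantAssertionsSigned", "false") == "true",
    }

def explain(report):
    """Map each finding to the IdP-side setting it interacts with."""
    notes = []
    if not report["has_encryption_key"]:
        notes.append("no encryption key in SP metadata: with idp.encryption.optional=false "
                     "the IdP fails; set it to true, or add an encryption cert to the SP")
    if not report["authn_requests_signed"]:
        notes.append("SP sends unsigned AuthnRequests: the IdP's relying-party "
                     "configuration must not require signed requests for this entityID")
    return notes
```

Run it against the metadata you actually imported into the IdP; if the encryption note appears, adding an encryption certificate to the SP side keeps assertions encrypted, whereas idp.encryption.optional=true makes the IdP send them in the clear for this SP.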


Where is this option in ServiceNow: 'set idp.encryption.optional to true'?

Hi Hanson,

Look here for setting this property:

SecurityConfiguration - Identity Provider 3 - Shibboleth Wiki

The files that store these are at the top of the page.

Regards,

Mohamad