It means that the certificate you’ve got in your settings-common.php file doesn’t match the one that your IdP is using.
You need to export the token signing certificate again in X509 format, and ensure you put it in your settings-custom.php file under idp -> x509cert. It should all be on one line, without the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- lines, with no spaces or carriage returns.