This is the error I get after logging into Stack with my LightOpenID provider script.
The OpenID Provider issued an assertion for an Identifier whose discovery information did not match.
Assertion endpoint info:
ClaimedIdentifier: http ://sub.mydomain.net/?cgillis
ProviderLocalIdentifier: http ://sub.mydomain.net/?cgillis
ProviderEndpoint: http ://sub.mydomain.net/
OpenID version: 2.0 Service Type URIs:
Discovered endpoint info: [{
ClaimedIdentifier: http ://specs.openid.net/auth/2.0/identifier_select
ProviderLocalIdentifier: http ://specs.openid.net/auth/2.0/identifier_select
ProviderEndpoint: http ://sub.mydomain.net/
OpenID version: 2.0 Service Type URIs: http ://specs.openid.net/auth/2.0/server },]
Provider script: https://gist.github.com/1072612
I should note the provider has select_id set to true. Everything works if it's set to false.
Basically, the problem is that you set select_id = true for the identity urls. If you set it to false for only the urls returned by checkid(), it will work as expected.
See __construct() in example.php from the repository for an example on how can this problem be solved.
You should also see the Provider wiki page and a related bug report