We have an Enterprise App acting as SP (Service Provider) and an OpenAm acting as IDP (Identity Provider).
I generated metadata from the SP and imported it into OpenAm.
Metadata file:
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" ID="_602b5e40-99ef-0134-def1-4d6af9854785" entityID="https://<site>/sso_auth/metadata">
<md:SPSSODescriptor AuthnRequestsSigned="true" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<md:KeyDescriptor use="signing">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509Certificate>
cert
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
<md:KeyDescriptor use="encryption">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509Certificate>
cert
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
<md:SingleLogoutService ResponseLocation="https://<site>/sso_auth/logout" Location="https://<site>/sso_auth/logout" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"/>
<md:NameIDFormat>
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
</md:NameIDFormat>
<md:AssertionConsumerService isDefault="true" index="0" Location="https://<site>/sso_auth/consume_saml" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"/>
</md:SPSSODescriptor>
</md:EntityDescriptor>
The SP digitally signs and initiates a request to OpenAm; then I get the 'The SAML Request is invalid' error.
Signed SP request:
<samlp:AuthnRequest AssertionConsumerServiceURL='https://<site>/sso_auth/consume_saml'
    Destination='http://<openam>/openam_12.0.0/SSOPOST/metaAlias/idp'
    ID='_2eeaae10-99f0-0134-def1-4d6af9854785' IssueInstant='2016-12-01T12:32:44Z' Version='2.0'
    xmlns:saml='urn:oasis:names:tc:SAML:2.0:assertion'
    xmlns:samlp='urn:oasis:names:tc:SAML:2.0:protocol'>
  <saml:Issuer>https://<site>/sso_auth/metadata</saml:Issuer>
  <ds:Signature xmlns:ds='http://www.w3.org/2000/09/xmldsig#'>
    <ds:SignedInfo>
      <ds:CanonicalizationMethod Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#'/>
      <ds:SignatureMethod Algorithm='XMLSecurity::Document::RSA_SHA1'/>
      <ds:Reference URI='#_2eeaae10-99f0-0134-def1-4d6af9854785'>
        <ds:Transforms>
          <ds:Transform Algorithm='http://www.w3.org/2000/09/xmldsig#enveloped-signature'/>
          <ds:Transform Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#'>
            <ec:InclusiveNamespaces PrefixList='#default samlp saml ds xs xsi md'
                xmlns:ec='http://www.w3.org/2001/10/xml-exc-c14n#'/>
          </ds:Transform>
        </ds:Transforms>
        <ds:DigestMethod Algorithm='http://www.w3.org/2000/09/xmldsig#sha1'/>
        <ds:DigestValue>n4a4wAkD84V7Qm+8MTeYcJzsAxI=</ds:DigestValue>
      </ds:Reference>
    </ds:SignedInfo>
    <ds:SignatureValue>
      signature
    </ds:SignatureValue>
    <ds:KeyInfo>
      <ds:X509Data>
        <ds:X509Certificate>
          cert
        </ds:X509Certificate>
      </ds:X509Data>
    </ds:KeyInfo>
  </ds:Signature>
  <samlp:NameIDPolicy AllowCreate='true'
      Format='urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified'/>
</samlp:AuthnRequest>
I am getting the error above.
Please help me solve this issue.
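The following is an added diagnostic example, not code from the question or from OpenAm. It runs the structural checks an IdP performs before it even tries to verify the signature on a signed AuthnRequest: the SignatureMethod must be an XML Signature algorithm URI (the value `XMLSecurity::Document::RSA_SHA1` in the posted request is a library constant name, not the URI `http://www.w3.org/2000/09/xmldsig#rsa-sha1`), the enveloped Reference must point at the request's own ID, the Issuer must equal the entityID in the imported SP metadata, the AssertionConsumerServiceURL must be one the metadata publishes, and the Destination should be a TLS endpoint. The sample request and metadata below are constructed with example.com hostnames in place of the question's `<site>` and `<openam>` placeholders.

```python
import xml.etree.ElementTree as ET

# Namespace prefixes used by SAML 2.0 metadata/protocol and XML Signature.
NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
    "md": "urn:oasis:names:tc:SAML:2.0:metadata",
}

# RSA signature algorithm URIs defined by XML Signature (xmldsig / xmldsig-more).
KNOWN_SIGNATURE_ALGORITHMS = {
    "http://www.w3.org/2000/09/xmldsig#rsa-sha1",
    "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256",
    "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384",
    "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512",
}

# Constructed SP metadata, shaped like the one in the question (certificates omitted).
SP_METADATA = """<md:EntityDescriptor xmlns:md='urn:oasis:names:tc:SAML:2.0:metadata'
    entityID='https://sp.example.com/sso_auth/metadata'>
  <md:SPSSODescriptor AuthnRequestsSigned='true' WantAssertionsSigned='true'
      protocolSupportEnumeration='urn:oasis:names:tc:SAML:2.0:protocol'>
    <md:AssertionConsumerService isDefault='true' index='0'
        Location='https://sp.example.com/sso_auth/consume_saml'
        Binding='urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST'/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""

# Constructed AuthnRequest mirroring the posted one, including its non-URI SignatureMethod
# and plain-http Destination; signature and KeyInfo are reduced to placeholders.
PAGE_STYLE_REQUEST = """<samlp:AuthnRequest AssertionConsumerServiceURL='https://sp.example.com/sso_auth/consume_saml'
    Destination='http://idp.example.com/openam/SSOPOST/metaAlias/idp'
    ID='_2eeaae10-99f0-0134-def1-4d6af9854785' IssueInstant='2016-12-01T12:32:44Z' Version='2.0'
    xmlns:saml='urn:oasis:names:tc:SAML:2.0:assertion'
    xmlns:samlp='urn:oasis:names:tc:SAML:2.0:protocol'>
  <saml:Issuer>https://sp.example.com/sso_auth/metadata</saml:Issuer>
  <ds:Signature xmlns:ds='http://www.w3.org/2000/09/xmldsig#'>
    <ds:SignedInfo>
      <ds:CanonicalizationMethod Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#'/>
      <ds:SignatureMethod Algorithm='XMLSecurity::Document::RSA_SHA1'/>
      <ds:Reference URI='#_2eeaae10-99f0-0134-def1-4d6af9854785'>
        <ds:DigestMethod Algorithm='http://www.w3.org/2000/09/xmldsig#sha1'/>
        <ds:DigestValue>n4a4wAkD84V7Qm+8MTeYcJzsAxI=</ds:DigestValue>
      </ds:Reference>
    </ds:SignedInfo>
    <ds:SignatureValue>signature</ds:SignatureValue>
  </ds:Signature>
</samlp:AuthnRequest>"""

# The same request with the two defects corrected: a real xmldsig URI and an https Destination.
CORRECTED_REQUEST = (
    PAGE_STYLE_REQUEST
    .replace("XMLSecurity::Document::RSA_SHA1", "http://www.w3.org/2000/09/xmldsig#rsa-sha1")
    .replace("http://idp.example.com", "https://idp.example.com")
)


def check_authn_request(request_xml: str, metadata_xml: str) -> list:
    """Return a list of human-readable problems; an empty list means the checks passed.

    Note: xml.etree is used here for an offline self-check of our own request; when parsing
    SAML received from untrusted parties, use a hardened parser (e.g. defusedxml).
    """
    problems = []
    req = ET.fromstring(request_xml)
    meta = ET.fromstring(metadata_xml)

    # 1. The SignatureMethod must name an XML Signature algorithm by its URI.
    sig_method = req.find("ds:Signature/ds:SignedInfo/ds:SignatureMethod", NS)
    alg = sig_method.get("Algorithm") if sig_method is not None else None
    if alg not in KNOWN_SIGNATURE_ALGORITHMS:
        problems.append(f"SignatureMethod Algorithm is not an XML Signature URI: {alg!r}")

    # 2. The enveloped signature's Reference must point at the request's own ID.
    ref = req.find("ds:Signature/ds:SignedInfo/ds:Reference", NS)
    ref_uri = ref.get("URI") if ref is not None else None
    if ref_uri != "#" + req.get("ID", ""):
        problems.append(f"Reference URI {ref_uri!r} does not match request ID {req.get('ID')!r}")

    # 3. Issuer must equal the entityID the IdP imported from the SP metadata.
    issuer = req.findtext("saml:Issuer", default="", namespaces=NS).strip()
    entity_id = meta.get("entityID")
    if issuer != entity_id:
        problems.append(f"Issuer {issuer!r} != metadata entityID {entity_id!r}")

    # 4. AssertionConsumerServiceURL must be an ACS endpoint published in the metadata.
    acs_locations = {
        acs.get("Location")
        for acs in meta.findall("md:SPSSODescriptor/md:AssertionConsumerService", NS)
    }
    acs_url = req.get("AssertionConsumerServiceURL")
    if acs_url not in acs_locations:
        problems.append(f"AssertionConsumerServiceURL {acs_url!r} not published in metadata")

    # 5. Destination should be a TLS endpoint; plain http exposes the request in transit.
    dest = req.get("Destination", "")
    if not dest.startswith("https://"):
        problems.append(f"Destination is not https: {dest!r}")

    return problems


if __name__ == "__main__":
    for name, xml in (("page-style", PAGE_STYLE_REQUEST), ("corrected", CORRECTED_REQUEST)):
        print(name, check_authn_request(xml, SP_METADATA) or "OK")
```

Run against the page-style request the checker reports the non-URI SignatureMethod and the http Destination; the corrected request passes all five checks. These are only the pre-verification checks: OpenAm additionally verifies the signature value against the certificate in the imported metadata and compares Destination with its own SSO endpoint URL, so a request that passes here can still be rejected on those grounds.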