ComponentSpace

Forums



Certificate Validation


Certificate Validation

Author
Message
Jorge Garcia Huertos
Jorge Garcia Huertos
New Member
New Member (32 reputation)New Member (32 reputation)New Member (32 reputation)New Member (32 reputation)New Member (32 reputation)New Member (32 reputation)New Member (32 reputation)New Member (32 reputation)New Member (32 reputation)

Group: Forum Members
Posts: 17, Visits: 74
My project is IdP-initiated SSO with signature and encryption. I was reading the whole Guides you provided me but I didn't find how is the process of certificate validation. When occurs the certificate validation and with what method/class occurs? 

Also, I was trying to create IdP Metadata (with CreateMetadata.exe) and I don't know what I have to write in the "X.509 signature certificate file" field. I know is the path of the file (the certificate in the screenshot is "www.liventus.com"), but how can I know whats my path? I am attaching a screenshot.

Thanks in advance,
Jorge




JorgeGHS
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
We don't validate certificates. In many cases, self-signed certificates are used so validating the certificate chain etc isn't applicable.
If you wish to validate certificates you should do this within your application.
We recommend not doing this in-band as part of the SAML SSO processing as this could slow performance if, for example, off-server CRL checks are performed as part of the validation. Instead, if required, we recommend validating certificates out-of-band (eg on a nightly basis).

CreateMetadata expects the certificate to be in the file system. It doesn't support accessing the Windows certificate store. You should use the Certificates MMC snap-in, as shown, to export the certificate as a base-64 encoded .CER file. Use this file when prompted by CreateMetadata. Our SAML Metadata Guide includes information on using CreateMetadata.

Regards
ComponentSpace Development
GO


Similar Topics


Execution: 0.000. 3 queries. Compression Enabled.
Login
Existing Account
Email Address:


Password:


Select a Forum....












Forums, Documentation & Knowledge Base - ComponentSpace


Search