ComponentSpace

Forums



IdP metadata 2 certificates: 1st is to sign the metadata themselves, 2nd to sign the SAML response


IdP metadata 2 certificates: 1st is to sign the metadata themselves,...

Author
Message
mlam
mlam
New Member
New Member (33 reputation)New Member (33 reputation)New Member (33 reputation)New Member (33 reputation)New Member (33 reputation)New Member (33 reputation)New Member (33 reputation)New Member (33 reputation)New Member (33 reputation)

Group: Forum Members
Posts: 18, Visits: 46
Hi
The IdP (PingFederate) metadata will contain 2 certificates: the first is to sign the metadata themselves, the second to sign the SAML response. 

From the SAML.config. I only can see PartnerIdentityProvider. May I know how to configure the above into the SAML.config?

<PartnerIdentityProvider Name="x"
          Description="xxx"
          SignAuthnRequest="true"
          SingleSignOnServiceUrl="https://xx.com"
          PartnerCertificateFile="Certificates\LIVE\x.cer"/>

ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (3.8K reputation)ComponentSpace Development (3.8K reputation)ComponentSpace Development (3.8K reputation)ComponentSpace Development (3.8K reputation)ComponentSpace Development (3.8K reputation)ComponentSpace Development (3.8K reputation)ComponentSpace Development (3.8K reputation)ComponentSpace Development (3.8K reputation)ComponentSpace Development (3.8K reputation)

Group: Administrators
Posts: 2.7K, Visits: 8.4K
The saml.config doesn't include the certificate to verify the metadata signature. The PartnerCertificateFile specifies the certificate to use to verify signatures on SAML messages send by the IdP.

Regards
ComponentSpace Development
GO


Similar Topics


Execution: 0.000. 4 queries. Compression Enabled.
Login
Existing Account
Email Address:


Password:


Social Logins

Select a Forum....









Forums, Documentation & Knowledge Base - ComponentSpace


Search