Question

We are a service provider and support SAML-based single sign-on. We want our customers to register us as a service provider in their OpenAM.

When they register us as a remote SP, they need to provide us with the signing certificate. How can they easily get the certificate so that they can provide it to us?

In OpenAM, when we choose to register Google Apps / SalesForce, at one step it gives the option to download a certificate, which will be uploaded in Google Apps / SalesForce. But while registering a remote SP, it does not give any certificate.

So is there a way to get the certificate easily while registering a remote SP, similar to Google Apps / SalesForce?


Solution

The standard way of doing this is that your customer provides you with SAML metadata. This is a standard format for sharing information about your SAML setup. It also contains the public key for the private key they use to sign.

SAML metadata can be exported from OpenAM. This can be done using the export metadata page. Have your customer go to the following URL:

https://<IdP_HOST>/openam/saml2/jsp/exportmetadata.jsp?entityid=IDP_ENTITY_ID

From there the metadata can be exported to XML.
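On the service provider side, the signing certificate can then be read out of the exported metadata XML. The following is an added example, not part of the original answer and not OpenAM code: it extracts each IdP signing certificate as PEM along with a SHA-256 fingerprint that can be confirmed with the customer over a separate channel before the certificate is trusted. The entity ID, the certificate bytes and the function name are constructed for illustration.

```python
import base64
import hashlib
import textwrap
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample: placeholder bytes, not a real X.509 certificate or IdP.
SAMPLE_DER = b"constructed placeholder bytes standing in for a DER certificate"
SAMPLE_METADATA = f"""<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="{NS['md']}" xmlns:ds="{NS['ds']}"
                     entityID="https://idp.example.com/openam">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data><ds:X509Certificate>
      {base64.b64encode(SAMPLE_DER).decode()}
    </ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
    <md:KeyDescriptor use="encryption"><ds:KeyInfo><ds:X509Data><ds:X509Certificate>
      {base64.b64encode(b"constructed encryption key").decode()}
    </ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>""".encode()


def idp_signing_certs(metadata: bytes) -> list[dict]:
    """Return PEM and SHA-256 fingerprint for each IdP signing certificate."""
    # Metadata comes from another party: refuse DTDs and entity declarations.
    if b"<!DOCTYPE" in metadata or b"<!ENTITY" in metadata:
        raise ValueError("DTD/entity declarations are not accepted in metadata")
    root = ET.fromstring(metadata)
    if root.tag != f"{{{NS['md']}}}EntityDescriptor":
        raise ValueError("expected a single md:EntityDescriptor document")
    certs = []
    for kd in root.findall("./md:IDPSSODescriptor/md:KeyDescriptor", NS):
        # A KeyDescriptor without "use" serves both signing and encryption.
        if kd.get("use", "signing") != "signing":
            continue
        for node in kd.findall(".//ds:X509Certificate", NS):
            # The base64 body is usually wrapped and indented; strip whitespace.
            der = base64.b64decode("".join((node.text or "").split()), validate=True)
            body = textwrap.wrap(base64.b64encode(der).decode(), 64)
            pem = "\n".join(["-----BEGIN CERTIFICATE-----", *body,
                             "-----END CERTIFICATE-----"])
            certs.append({"entity_id": root.get("entityID"), "der": der,
                          "pem": pem, "sha256": hashlib.sha256(der).hexdigest()})
    return certs


if __name__ == "__main__":
    for cert in idp_signing_certs(SAMPLE_METADATA):
        print(cert["entity_id"], cert["sha256"], cert["pem"], sep="\n")
```

More than one result usually means the IdP is in the middle of a signing key rollover, so each fingerprint should be confirmed separately.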

Licensed under: CC-BY-SA with attribution