• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 304
  • Last Modified:

OpenAM Installing Service Provider Certificate

I'm currently trying to implement SSO assertion through SAML 2.0 certificate assertion on OpenAM 10.0, and the Service Provider only supplied their certificate, PartnerMyCompany.cer.

1. How do i register the partner as a Service Provider using SMAL 2.0 XML schema with the certificate key in the XML?

2. How do I install the partners' certificate in OpenAM so that I can create a circle of trust with the partners' certificate key?

I need to be authenticated with my partner's certificate to get access to services. I need to create the XML with the partners' certificate key. How do i do this?
<EntityDescriptor entityID="https://www.partner.com/" xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
	<SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
		<NameIDFormat>
			urn:oasis:names:tc:SAML:2.0:nameid-format:transient
		</NameIDFormat> 
		<AssertionConsumerService index="1" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.partner.com/Login/MyCompany/SSO.svc/invoke"/>
	</SPSSODescriptor>
</EntityDescriptor>

Open in new window

0
digitsung
Asked:
digitsung
1 Solution
 
mwochnickCommented:
Assuming the XML above is a modified sample from your partner
After you login to openAM as the administrator
Click on Register Remote Service Provider
Once in there
Select that you want to upload the meta data from a file
pick your file
upload it

On this screen you also need to pick an existing COT or create a new one

finally you will need to map the the fields you will receive from you partner to the fields in your Idp
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now