The Signature step lets you define how SiteMinder uses private keys and certificates to verify SAML assertions and assertion responses.
Note: SAML 1.1 does not support encryption.
There can be multiple private keys and certificates in the certificate data store. If you have multiple federated partners, you can use a different key pair for each partner.
Note: If the system is operating in FIPS_COMPAT or FIPS_MIGRATE mode, all certificate and key entries are available from the pull-down list. If the system is operating in FIPS-Only mode, only FIPS-approved certificate and key entries are available.
Follow these steps:
Note: Click Help for a description of fields, controls, and their respective requirements.
If there is no private key in the certificate data store, click Import to import a key. Alternatively, click Generate to create a certificate request.
By completing this field, you are indicating which private key the asserting party uses to sign assertions and responses.
Note: If you are using SiteMinder in a test environment, you can disable signature processing to simplify testing. Click the Disable Signature Processing checkbox.
Signature configuration at the SAML 1.1 producer is complete.
Copyright © 2012 CA Technologies.
All rights reserved.
|
|