

Key and Certificate Management

Securing an assertion and encrypting data within the assertion are critical parts of partnership configuration. In a federation environment, key/certificate pairs and standalone certificates serve a number of functions:

The Policy Server Configuration Guide contains overview information and instructions about managing keys and certificates.

You can use SSL server certificates to do the following tasks:

Refer to instructions for enabling SSL for the web server where the CA SiteMinder® Web Agent is installed.

Note: Enabling SSL affects all URLs for all services, including the Base URL parameter. All service URLs must therefore begin with https://.

SAML 2.0 Signing Algorithms

For SAML 2.0, you have the option of choosing a signing algorithm for signing tasks. The ability to select an algorithm supports the following use cases:

Signature verification automatically detects which algorithm was used on a signed document and then verifies the signature with it. No configuration is required for signature verification.
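Because verification follows whatever algorithm the signed document declares, it is useful to check what a partner is actually sending. The following added example (not CA SiteMinder code) reads the algorithm identifiers declared in each `ds:Signature` of a SAML 2.0 message and compares them with an allow-list. It does not verify the signature; the sample message and the function names `declared_algorithms` and `outside_policy` are constructed for illustration.

```python
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
# Standard XML Signature algorithm identifiers (W3C XML-DSig, RFC 4051, XML-Enc).
SIGNATURE_ALGS = {
    DS + "rsa-sha1": "RSA-SHA1",
    "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256": "RSA-SHA256",
}
DIGEST_ALGS = {
    DS + "sha1": "SHA-1",
    "http://www.w3.org/2001/04/xmlenc#sha256": "SHA-256",
}

# Constructed sample message: placeholder ID, signature value omitted.
SAMPLE = b"""<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <saml:Assertion ID="_constructed1">
    <ds:Signature><ds:SignedInfo>
      <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
      <ds:Reference URI="#_constructed1">
        <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
      </ds:Reference>
    </ds:SignedInfo></ds:Signature>
  </saml:Assertion>
</samlp:Response>"""

def declared_algorithms(xml_bytes):
    """Return one dict per ds:Signature with the algorithms it declares."""
    if b"<!DOCTYPE" in xml_bytes:  # SAML messages have no reason to carry a DTD
        raise ValueError("DTD not allowed in SAML messages")
    found = []
    for sig in ET.fromstring(xml_bytes).iter("{%s}Signature" % DS):
        method = sig.find("{%s}SignedInfo/{%s}SignatureMethod" % (DS, DS))
        uri = method.get("Algorithm") if method is not None else None
        digests = [d.get("Algorithm") for d in sig.iter("{%s}DigestMethod" % DS)]
        found.append({
            "signature": SIGNATURE_ALGS.get(uri, "unrecognized: %s" % uri),
            "digests": [DIGEST_ALGS.get(d, "unrecognized: %s" % d) for d in digests],
        })
    return found

def outside_policy(xml_bytes, allowed):
    """Signature algorithms in the message that are not in the allow-list."""
    return [s["signature"] for s in declared_algorithms(xml_bytes)
            if s["signature"] not in allowed]

if __name__ == "__main__":
    print(declared_algorithms(SAMPLE))
    print(outside_policy(SAMPLE, {"RSA-SHA256"}))
```
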