Agent for SharePoint Guide › Configure SharePoint › How to Configure the Trusted Identity Provider › Modify the PowerShell Script › Modify the PowerShell Script for Certificates Issued by a Trusted Certificate Authority
Modify the PowerShell Script for Certificates Issued by a Trusted Certificate Authority
If you are using a certificate signed by a certificate authority that is trusted by the SharePoint server, modify the PowerShell script to do the following tasks:
- Skip the step to import the certificate authority certificate.
- Skip the stop to create a new SharePoint trusted root authority.
- Import only the signing certificate.
Follow these steps:
- Open the PowerShell script with any text editor.
- Comment the first two lines in the PowerShell script, as shown in the following example:
#$rootcert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("<full path to Root certificate file>")
#New-SPTrustedRootAuthority -Name "<Trusted root authority name>" -Certificate $rootcert
- Locate the following text:
"<full path to Signing certificate file>"
- Replace the previous text with the full path to your Signing certificate. For example, if the full path to your certificate is C:\certificates\sharepoint\signing_certificate.cer, the updated line matches the following example:
"C:\certificates\sharepoint\signing_certificate.cer"
- Locate the second occurrence of the following text:
<Trusted root authority name>
- Replace the previous text with a friendly name for the new trusted root authority in SharePoint. For example, if the name you want is SPSigningAuth, the updated line matches the following example:
"SPSigningAuth"
- Locate the following text:
"<Name of the trusted identity provider>"
- Replace the previous text with the name of your SharePoint realm (the realm name follows $realm = in the PowerShell script). For example, if the name of your SharePoint realm is $realm="urn:moss2O1O-wsfed1-casm", the updated line could match the following example:
"moss2O1O-wsfed1-casm"
- Locate the following text:
"<Description for the Trusted Identity Provider>"
- Replace the previous text with a description for your trusted identity provider. For example, if you want to describe the trusted identity provider as "SiteMinder Provider," the updated line could match the following example:
"SiteMinder Provider"
Note: The LDAP directory and Active Directory charts contain additional examples of possible names.
- Save your changes and close your text editor.
The PowerShell script is modified.
- Create a trusted identity provider.
Copyright © 2013 CA.
All rights reserved.
|
|