Federation Security Services GuideAuthenticate SAML 1.x Users at a ConsumerSAML 1.x Authentication Scheme Prerequisites › Set Up a Key Database to Sign and Verify SAML POST Responses

Previous Topic: Install Federation Web Services at the Producer and Consumer

Next Topic: Configure SAML 1.x Artifact Authentication

Set Up a Key Database to Sign and Verify SAML POST Responses

To use the SAML POST profile for passing assertions, the assertion generator at the producer site needs to sign the SAML response that contains the assertion. The assertion consumer at the consumer site needs to verify that signature.

To accomplish these tasks, you must set up a key database for each Policy Server that is responsible for signing, verification or both. The key database is a flat-file key and certificate database that lets you manage and retrieve keys and certificates required to sign and validate SAML responses used with SAML POST profile authentication.

More Information:

Manage the Key Database for Signing and Encryption

Copyright © 2010 CA. All rights reserved. Email CA about this topic