Federation Security Services GuideUse SAML 2.0 Provider Metadata To Simplify ConfigurationExport Metadata Tool › smfedexport Tool Examples

Previous Topic: Command Options for smfedexport

Next Topic: Import Metadata Tool

smfedexport Tool Examples

Example: Exporting an Identity Provider

smfedexport -type saml2idp -entityid http://www.myidp.com/idp1 
-expiredays 30 -sign -pubkey -slohttpredir http://www.mysite.com
/affwebservices/public/saml2slo -reqsignauthr 
-ssoart http://www.mysite.com/affwebservices/public/saml2sso 
-artressvc http://www.mysite.com/affwebservices/
saml2artifactresolution -output myidpdescription.xml

Example: Exporting an Service Provider

smfedexport -type saml2sp -entityid http://www.myidp.com/sp1 -expiredays 30 -sign -pubkey -slohttpredir http://www.mysite.com/affwebservices/public/saml2slo -signauthr
-aconsvcpost http://www.mysite.com/affwebservices/public/
saml2assertionconsumer -aconsvcpostindex 12345 -output myidpdescription.xml

Example: Modifying and Signing an Exported Data File

This example assumes that you have already exported metadata to an XML file using the smfedexport tool, but now you want to modify the file and digitally sign it.

To modify and sign a metadata file

  1. Edit the existing XML file using an XML editor.
  2. Enter the following command: 
    smfedexport -sign -infile file -output file

    For example:

    smfedexport -sign -infile myspdescription.xml -output newspdescription.xml

To modify an exported file that is already digitally signed

  1. Edit the existing XML file using an XML editor as need.
  2. Delete the <Signature> element from the file.
  3. Enter the following command: 
    smfedexport -sign -infile file -output file

    For example:

    smfedexport -sign -infile myspdescription.xml -output newspdescription.xml

Copyright © 2010 CA. All rights reserved. Email CA about this topic