To answer your five (5) questions, without loss of generality, we assume that (I) the metadata file of SAML IdP is idpsaml-metadata.xml (II) the metadata file of SAML SP is sp-example-org.xml Q&A Where to put the SP XML information in the IdP installation Answer: /opt/shibboleth-idp/metadata/sp-example-org.xml Where to put the SP certificate in the IdP installation … Read more
.NET 4.5 has WIF (Windows Identity Foundation) built into it. This now supports SAML 2.0. To make use of SAML 2.0, just use .NET 4.5. The class name is Saml2XXXX (where XXXX is the token, assertion, serializer etc) Here is a link to SAML 2.0 Assertion: http://msdn.microsoft.com/en-us/library/microsoft.identitymodel.tokens.saml2.saml2assertion.aspx This will create a SAML 2.0 Assertion object. … Read more
You can generate a public-private keypair with the genrsa context (the last number is the keylength in bits): openssl genrsa -out keypair.pem 2048 To extract the public part, use the rsa context: openssl rsa -in keypair.pem -pubout -out publickey.crt Finally, convert the original keypair to PKCS#8 format with the pkcs8 context: openssl pkcs8 -topk8 -inform … Read more
SAML responses come with a signature and a public key for that signature. You can use the public key to verify that the content of the SAML response matches the key – in other words – that response definitely came from someone who has the matching private key to the public key in the message, … Read more
You need to convert your private key to PKCS8 format using following command: openssl pkcs8 -topk8 -inform PEM -outform DER -in private_key_file -nocrypt > pkcs8_key After this your java program can read it.