Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

Got to: Information for InCommon Site Administrators
https://www.incommon.org/federation/siteadmin.html

Click on "Federation Manager Login" in left-hand panel

Login using your InCommon-issued Site Admin credentials

If registering a new IdP, you need to:
- Upload its signing certificate
- Use the Wizard to register a new IdP

1) Upload signing cert
Click on "X.509 Certificates (IdP Only)" in left-hand panel
Click on "Submit new X509 certificate (IdP only)" in main panel
(or you can review any signing certs you've already uploaded by clicking on "List of certificates (n)")
Copy and paste the contents of your IdP's signing certificate into the form for such.
If you are running Shibboleth IdPv3.x, this will be the certificate file that is listed as the value of the 'idp.signing.cert' property in the IdP's conf/idp.properties file. That file will be in the IdP's credentials directory, as either:
credentials/idp.crt
or
credentials/idp-signing.crt

If you are still running Shibboleth IdPv2.x, it will almost certainly be that first name above:
credentials/idp.crt

If you are running any other SAML IdP software (PortalGuard, Ellucian EIS/Ethos, etc.), it will be whatever certificate that software identifies as being the IdP's "Signing Certificate" or "Public Certificate".

"Check" the "I understand and acknowledge that InCommon ..." box
Click on the Review button
Get Confirmation page, Review and click on the Submit button if all looks good to you

2) Register the IdP
You are now ready to register the IdP. An important thing to keep in mind is that, even though your IdP might support lots of different endpoints and

Click on "Identity Provider Metadata Wizard" in left-hand panel

If you have kept your IdP's metadata up-to-date, then for a Shibboleth IdP, the file in the default location of /opt/shibboleth-idp/metadata/idp-metadata.xml will have the information you need when you are using the Wizard. If you are using another SAML OdP implementation, you'll have to look for the matching-type information from it.

Assuming you haven't already registered an IdP (you can only register one), then after you click on Identity Provider Metadata Wizard", you should get a page that looks simialr to the following. (Since I already have registered an IdP, I can't go thru the "new flow" myself.)

  • No labels