- Start at: Information for InCommon Site Administrators ( https://www.incommon.org/federation/siteadmin.html )
- Click on "Federation Manager Login" in left-hand panel
- Log in using your InCommon-issued Site Admin credentials
- When registering a new IdP, you need to:
- Upload its signing certificate
- Use the Wizard to register a new IdP
- Upload signing cert
- Click on "X.509 Certificates (IdP Only)" in left-hand panel
- Click on "Submit new X509 certificate (IdP only)" in main panel
- (or you can review any signing certs you've already uploaded by clicking on "List of certificates (n)")
- Copy and paste the contents of your IdP's signing certificate into the form.
- If you are running Shibboleth IdPv3.x, this will be the certificate file that is listed as the value of the 'idp.signing.cert' property in the IdP's conf/idp.properties file. That file will be in the IdP's credentials directory, as either:
- credentials/idp.crt or credentials/idp-signing.crt
- If you are still running Shibboleth IdPv2.x, it will almost certainly be that first name above: credentials/idp.crt
- If you are running any other SAML IdP software (PortalGuard, Ellucian EIS/Ethos, etc.), it will be whatever certificate that software identifies as being the IdP's "Signing Certificate" or "Public Certificate".
- Check the "I understand and acknowledge that InCommon ..." box
- Click on the Review button
- You will get the Confirmation page. Review and click on the Submit button if all looks good to you
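One way to confirm which file 'idp.signing.cert' points to, and that it is a certificate rather than a private key, before pasting it into the form. This is an added example, not part of the original instructions or of InCommon's or Shibboleth's tooling; it assumes a Shibboleth IdPv3.x layout and `openssl` on the PATH, and the function names and the 30-day expiry threshold are illustrative choices.

```shell
#!/bin/sh
# Added example (not from the original page).
# Usage: sh check-signing-cert.sh /opt/shibboleth-idp   (script name is hypothetical)

# resolve_signing_cert IDP_HOME
# Prints the file that 'idp.signing.cert' in conf/idp.properties points to,
# expanding the %{idp.home} placeholder. Commented-out lines are ignored.
# Assumes IDP_HOME contains no '|' or '&' characters.
resolve_signing_cert() {
    idp_home=$1
    props="$idp_home/conf/idp.properties"
    [ -r "$props" ] || { echo "cannot read $props" >&2; return 1; }
    value=$(sed -n 's/^[[:space:]]*idp\.signing\.cert[[:space:]]*[=:][[:space:]]*//p' "$props" \
            | tail -n 1 | sed 's/[[:space:]]*$//')
    [ -n "$value" ] || { echo "idp.signing.cert is not set in $props" >&2; return 1; }
    printf '%s\n' "$value" | sed "s|%{idp\.home}|$idp_home|g"
}

# describe_cert PEM_FILE
# Refuses anything containing a private key, then prints the subject, expiry
# date and SHA-256 fingerprint so they can be compared on the Review page.
# Returns 3 for key material, 2 if the certificate expires within 30 days.
describe_cert() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 1; }
    if grep -q 'PRIVATE KEY' "$1"; then
        echo "REFUSING: $1 contains a private key; never upload it" >&2
        return 3
    fi
    openssl x509 -in "$1" -noout -subject -enddate -fingerprint -sha256 || return 1
    openssl x509 -in "$1" -noout -checkend $((30 * 24 * 3600)) >/dev/null || {
        echo "WARNING: $1 expires within 30 days" >&2
        return 2
    }
}

# Only act when an IdP home directory is given on the command line.
if [ "$#" -ge 1 ]; then
    cert=$(resolve_signing_cert "$1") && describe_cert "$cert" && cat "$cert"
fi
```

The fingerprint printed here can be checked against the certificate shown on the Confirmation page before you click Submit.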
- Register the IdP — You are now ready to register the IdP. An important thing to keep in mind is that, even though your IdP might support lots of different endpoints and
Click on "Identity Provider Metadata Wizard" in left-hand panel
If you have kept your IdP's metadata up-to-date, then for a Shibboleth IdP, the file in the default location of /opt/shibboleth-idp/metadata/idp-metadata.xml will have the information you need when you are using the Wizard. If you are using another SAML IdP implementation, you'll have to look up the corresponding information in that software.
Assuming you haven't already registered an IdP (you can only register one), then after you click on "Identity Provider Metadata Wizard", you should get a page that looks similar to the following. (Since I already have registered an IdP, I can't go through the "new flow" myself.)