-
Configuring Shibboleth SP 2 on CentOS to the ukfederation w/ Godaddy certs
Part 2. Shibboleth Config (6 hours)
cd /etc/shibboleth wget http://metadata.ukfederation.org.uk/ukfederation.pem wget http://metadata.ukfederation.org.uk/ukfederation-metadata.xml
Edit shibboleth2.xml
Replace all instances of sp.example.org with your Entity ID ie sp.yourdomain.comSearch for ApplicationDefaults
Add homeURL=”https://sp.domainz.com/ahomeurl” under entityID – homeURL is the first url of the resource if none is specified.
Search for <sessions
Before the default example (Reading Default example directs to a speci… ” Insert:
<SessionInitiator isDefault="true" id="UKFederation" Location="/WAYF/UKFederation" type="WAYF" defaultACSIndex="5" URL="https://wayf.ukfederation.org.uk/WAYF" />
Search for exportLocation
Under exportLocation replace http://localhost with https://localhost
Replace all instances of root@localhost with the technical support email address
Search for MetadataProvider
This bit gets messy so pay close attention…..
After the line reading Insert
<MetadataProvider type="XML" uri="http://metadata.ukfederation.org.uk/ukfederation-metadata.xml" backingFilePath="/etc/shibboleth/ukfederation-metadata.xml" reloadInterval="14400"> <MetadataFilter type="RequireValidUntil" maxValidityInterval="2592000"/> <SignatureMetadataFilter certificate="ukfederation.pem"/> </MetadataProvider>
Search for the line Delete it or comment it out.
Directly below it paste the following:
/etc/shibboleth/sp.key /etc/shibboleth/sp.crt
Don’t forget to replace yourpassword with your key password if you have set one!
For now we are done in shibboleth2.xml
Run ./keygen.sh to generate your new key pair
mv sp-key.pem sp.key mv sp-cert.pem sp.crt
Now we must configure Apache for shibboleth
Related Posts
- Configuring Apache for Shibboleth on CentOS to the ukfederation w/ Godaddy certs
- Testing Shibboleth SP 2 on CentOS to the ukfederation w/ Godaddy certs
- Installing Shibboleth SP 2 on CentOS to the ukfederation w/ Godaddy certs
- Shibboleth WAYFless URLs UKFederation
- Installing shibboleth SP 2.3 on CentOS
Latest Videos
Sponsors
- Using Scratch at Home February 10, 2012 Mr. Mayoh
- Better Conversations February 10, 2012 Mr. Mayoh
- 1 minute weekly web wonder – Week 19 February 10, 2012 chickensaltash
- Computer Science courses should be left to the experts: teachers February 10, 2012 Terry Freedman
- Being less helpful February 9, 2012 oliverquinlan
- Maths all around you – shining a mathematical spotlight on where you live February 9, 2012 Malcolm Wilson
- Flame Painter and more – IWB interactive art experiences February 9, 2012 Tim
Pingback: Installing Shibboleth SP 2 on CentOS to the ukfederation w/ Godaddy certs | John McLear's School Technology
Pingback: Installing shibboleth SP 2.3 on CentOS | John McLear's School Technology