I am following the below document to configure the SAML SSO for WAS 8.5.5 and we are stuck at the very first step. As per the guide, we are supposed to add an identity provider using metadata of the identity provider & then import the SAML token signer certificate. But in our case we have received a single file called Federation Metadata.xml from the external identity provider which has both metadata & SAML token signer certificate info within the same file. So the question is how do I export Metadata & token signer certificate out of it to accomplish step 1?
1 Answer

0 votes
You can extract the token signing certificate from the FederationMetadata.xml file via the following steps.
- Find the element <ds:Signature> in the FederationMetadata.xml file, then the <KeyInfo> element within it and then the <X509Certificate> element below that.
- Take the base64 string within the X509Certificate element and paste this into a new text document.
- Save and close the text document and change the extension from .txt to .cer. This should be the public portion of the cert you can use to import.
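
The steps in the answer above can be scripted; the following is an added example, not part of the original answer. It goes slightly beyond the answer by reporting where each certificate sits in the file (under ds:Signature or under a KeyDescriptor) and its SHA-256 fingerprint, so the value can be compared with what the identity provider publishes before import. The function name `extract_certs`, the sample metadata and the certificate bytes are constructed for illustration.

```python
import base64
import hashlib
import textwrap
import xml.etree.ElementTree as ET

DS = "{http://www.w3.org/2000/09/xmldsig#}"
MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"

def extract_certs(metadata_xml):
    """Return (location, sha256_hex, pem) for every X509Certificate element."""
    root = ET.fromstring(metadata_xml)
    parent = {child: p for p in root.iter() for child in p}
    found = []
    for node in root.iter(DS + "X509Certificate"):
        # Walk up the tree to see which element carries this certificate.
        where, cur = "unknown", node
        while cur in parent:
            cur = parent[cur]
            if cur.tag == DS + "Signature":
                where = "ds:Signature"
                break
            if cur.tag == MD + "KeyDescriptor":
                where = "KeyDescriptor use=" + cur.get("use", "unspecified")
                break
        # The base64 text is often wrapped across lines; drop all whitespace.
        b64 = "".join((node.text or "").split())
        der = base64.b64decode(b64, validate=True)  # raises on non-base64 input
        pem = "-----BEGIN CERTIFICATE-----\n%s\n-----END CERTIFICATE-----\n" % (
            "\n".join(textwrap.wrap(b64, 64)))
        found.append((where, hashlib.sha256(der).hexdigest(), pem))
    return found

# Constructed sample: abbreviated metadata; the bytes are not a real certificate.
SAMPLE_DER = b"constructed placeholder bytes, not a real X.509 certificate"
SAMPLE_B64 = base64.b64encode(SAMPLE_DER).decode()
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://idp.example/constructed">
  <ds:Signature><ds:KeyInfo><ds:X509Data>
    <ds:X509Certificate>{SAMPLE_B64[:40]}
{SAMPLE_B64[40:]}</ds:X509Certificate>
  </ds:X509Data></ds:KeyInfo></ds:Signature>
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>{SAMPLE_B64}</ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></KeyDescriptor>
  </IDPSSODescriptor>
</EntityDescriptor>"""

if __name__ == "__main__":
    for where, fp, pem in extract_certs(SAMPLE_METADATA):
        print(where, fp, pem, sep="\n")
```

Write the returned PEM text to a file with a .cer extension to get the same file the manual steps produce.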