question about Service Provider Cert

Carl Buxbaum cbuxbaum at
Mon Feb 11 15:31:11 EST 2013


I am trying to get a handle on the certificate installation for a Service Provider implementation.  I successfully developed and tested a SP  IDP initiated SSO implementation using a self signed certificate against the Shibboleth IDP, but the customer requires a CA issued cert.  According to the documentation of the CA, they talk about generating a cert request, and then importing the entire certificate chain into my SP keystore.  Since I already have the private key in my keystore, do I really need to import anything else after running keytool -genkey? Do I need to import the resulting cert into the IDP?  And the rest of the cert chain? Or do I just take the resulting cert and place it in the metadata for the Identity Provider?  The Identity Provider they are using is PingFederate.

Thanks for the help.

Carl  Buxbaum
Software Architect
TradeStone Software
17 Rogers St. Suite 2; Gloucester, MA 01930
P: 978-515-5128 F : 978-281-0673<>

E-mails and attachments from TradeStone Software, Inc. are confidential.
If you are not the intended recipient, please notify the sender immediately by
replying to the e-mail, and then delete it without making copies or using it
in any way. No representation is made that this email or any attachments are
free of viruses. Virus scanning is recommended and is the responsibility of
the recipient.
-------------- next part --------------
An HTML attachment was scrubbed...

More information about the users mailing list