ACS的PingIdentity Federation元数据导出-不与数字签名一起导出? [英] PingIdentity Federation meta data export for ACS - not exporting with a Digital Signature?

问题描述

任何人都具有将Ping Identity中的元数据文件导入ACS提供商的经验吗?

Does anyone have any experience with importing meta data files from Ping Identity into an ACS provider?

我已登录我的Ping Identity管理系统，一切正常，没有问题.然后，当我导出idP文件时...其中没有数字签名，因此我无法将此文件导入ACS，因为它抱怨其中没有签名.

I'm logged into my Ping Identity admin system, all fine, no problem. Then, when I export the idP file... no digital signature is included within it and thus I cannot import this file into ACS as it complains that there's no signature included.

是否还有其他人遇到此问题，并且对解决方法有任何想法?我知道它非常复杂，所以手指交叉了.

Has anyone else faced this issue and have any ideas on a workaround? I understand it's pretty intricate, so fingers crossed.

推荐答案

您是要对要导出的元数据文件进行签名还是要包含dsig签名密钥(或同时包含这两个签名)?

Are you trying to sign the meta-date file you're exporting or include the dsig signing key (or both)?

从PF Admin GUI(我的服务器->管理功能->元数据导出)导出时，导出向导中的一个选项是元数据签名"(它使用您指定的私钥对元数据进行签名) .向导的下一步是在其中指定IDP将使用的签名密钥".

When you export from PF Admin GUI (My Server --> Administrative Functions --> Metadata Export) one of the options in the export wizard is for "Metadata Signing" (which signs the metadata using the private key you specify). The next step in the wizard is where you specify your "Signing Key" that the IDP will use.

HTH-伊恩

这篇关于ACS的PingIdentity Federation元数据导出-不与数字签名一起导出?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！