问题
I have the following issue:
I want to generate the SAML-metadata, for my SSO-ServiceProvider, using node.js and the package
'passport-saml'.
This package includes the method 'generateServiceProviderMetadata( decryptionCert )' which will generate a service provider metadata document suitable for supplying to an identity provider.
this requires an decryptionCert...
Which decryptionCert shall I use, i.e. where and how to get it?
As far as I understand, I need something like:
privateCert: fs.readFileSync('./cert.pem', 'utf-8')
where do I get './cert.pem' ?
Any advises and hints will be appreciated.
回答1:
In fact, you need to generate your own certificate for this. If you have private key, you can use it to generate cert file:
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout mykey.key -out certificate.crt
Where mykey.key is your existing key, and certificate.crt is newly generated certificate you should pass as a parameter to generateServiceProviderMetadata function. Of course, first you need to load cert. into memory using fs.readFileSync
So, here are steps:
1. Generate .crt file
2. Load it into variable: var decryptionCert: fs.readFileSync('./certificate.crt', 'utf-8')
3. Generate metadata file, calling provided function:
myStrategy.generateServiceProviderMetadata(decryptionCert)
来源:https://stackoverflow.com/questions/24914597/how-to-use-generateproviderservicemetadata-working-with-passport-saml