How to use generateProviderServiceMetadata() working with passport-saml

家住魔仙堡 提交于 2020-02-20 08:22:06

问题


I have the following issue:

I want to generate the SAML-metadata, for my SSO-ServiceProvider, using node.js and the package

'passport-saml'.

This package includes the method 'generateServiceProviderMetadata( decryptionCert )' which will generate a service provider metadata document suitable for supplying to an identity provider.

this requires an decryptionCert...

Which decryptionCert shall I use, i.e. where and how to get it?

As far as I understand, I need something like:

  privateCert: fs.readFileSync('./cert.pem', 'utf-8')

where do I get './cert.pem' ?

Any advises and hints will be appreciated.


回答1:


In fact, you need to generate your own certificate for this. If you have private key, you can use it to generate cert file:

openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout mykey.key -out certificate.crt

Where mykey.key is your existing key, and certificate.crt is newly generated certificate you should pass as a parameter to generateServiceProviderMetadata function. Of course, first you need to load cert. into memory using fs.readFileSync

So, here are steps:
1. Generate .crt file
2. Load it into variable: var decryptionCert: fs.readFileSync('./certificate.crt', 'utf-8')
3. Generate metadata file, calling provided function: myStrategy.generateServiceProviderMetadata(decryptionCert)



来源:https://stackoverflow.com/questions/24914597/how-to-use-generateproviderservicemetadata-working-with-passport-saml

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!