auth.publicui.saml.keystore-path

Specify the location of the SAML keystore (Public search).

Key: auth.publicui.saml.keystore-path
Type: File
Can be set in: global.cfg

Description

Set to the location of the java keystore which is used to store the private key Funnelback will use for SAML communications. For example $SEARCH_HOME/conf/samlAdminKeystore.jks.

http://docs.spring.io/spring-security-saml/docs/1.0.2.RELEASE/reference/html/security.html provides details on how this keystore can be created with java's 'keytool' utility. This documentation also covers the creation of the private key described in auth.publicui.saml.key-password, and configuring trust of certificates presented by other systems for SAML usage.

Warning: keytool may generate SHA-1 keys by default, which is considered deprecated and may not work with all identity providers. Make sure you choose an appropriate algorithm when creating keys with keytool.

⚠ Caveats

This setting requires Jetty to be restarted to take effect.

See Also

• SAML authentication
• Enable SAML authentication (Public search).
• Specify the SAML identity provider's metadata URL (file:// or http://) (Public search).
• Specify the URL to log users out of the IdP (Public search)
• Specify the prefix for the SAML entity ID (Public search).
• Specify the password for SAML keystore (Public search).
• Specify the alias of private key to use in SAML keystore (Public search).
• Specify the password for private key in SAML keystore (Public search).
• Specify the default URL to navigate to after an IdP initiated SSO login. (Public search)