问题
Does anyone have any experience with importing meta data files from Ping Identity into an ACS provider?
I'm logged into my Ping Identity admin system, all fine, no problem. Then, when I export the idP file... no digital signature is included within it and thus I cannot import this file into ACS as it complains that there's no signature included.
Has anyone else faced this issue and have any ideas on a workaround? I understand it's pretty intricate, so fingers crossed.
回答1:
Are you trying to sign the meta-date file you're exporting or include the dsig signing key (or both)?
When you export from PF Admin GUI (My Server --> Administrative Functions --> Metadata Export) one of the options in the export wizard is for "Metadata Signing" (which signs the metadata using the private key you specify). The next step in the wizard is where you specify your "Signing Key" that the IDP will use.
HTH - Ian
来源:https://stackoverflow.com/questions/5497838/pingidentity-federation-meta-data-export-for-acs-not-exporting-with-a-digital