Forums, Documentation & Knowledge Base - ComponentSpace

ExportMetadata.exe


https://componentspace.com/forums/Topic9162.aspx

By [email protected] - 8/27/2018

Good Morning,
A user will be authenticated on the Identity Provider managed by external customer. They will call our service provider and asked me some information:
- signing certificate public key
- metadata file or url
I would like to generate the metadata.xml file for my service provider using ExportMetadata.exe (version 2.8.8.0):
SAML configuration file to export [saml.config]: saml.config
X.509 signature certificate file [None]: certificate.crt
X.509 encryption certificate file [None]: What is this? Could be any files or should be a certificate file?
Assertion Consumer Service URL [None]: https://ourservername/SamlServiceProvider-Iat/SSO/AssertionConsumerService
Single Logout Service URL [None]:
Partner Identity Provider Name [None]: https://customerservername/IdentityProvider (this cause an error: identity provider name not found)
SAML metadata file [metadata.xml]: sp-iat-metadata.xml

This is my saml.config:

<?xml version="1.0"?>

<SAMLConfiguration xmlns="urn:componentspace:SAML:2.0:configuration">

<ServiceProvider Name=https://ourservername/SamlServiceProvider-Iat/

       Description="Saml Service Provider (Iat)"

       AssertionConsumerServiceUrl="~/SSO/AssertionConsumerService"

       LocalCertificateFile="Certificates\certificate.crt"/>

<PartnerIdentityProviders>

  <PartnerIdentityProvider Name="https://customerservername/IdentityProvider"

          Description="Customer Identity Provider (Stage)"

          SignAuthnRequest="true"

          PartnerCertificateFile="Certificates\Customer1\certificate.crt"/>

</PartnerIdentityProviders>

</SAMLConfiguration>


I receive an error on
Partner Identity Provider Name [None]:

Regards,
Fabio
By ComponentSpace - 8/30/2018

It's prompting for a certificate file with a .CER extension rather than a .PFX extension.
I'll see that ExportMetadata is updated to make this clearer.
You need the corresponding .CER file to your .PFX file.
Your .PFX file contains your certificate and private key.
The .CER file contains your certificate and public key.
You can use the following PowerShell cmdlets to create a .CER from your .PFX.

Get-PfxCertificate -FilePath certificate.pfx | Export-Certificate -FilePath certificate.cer