SAML IdP Signing Encryption

Question

BIG-IP 11.5.1 Build 4.0.128 Hotfix HF4&nbsp;

I have setup the BIG-IP as IdP.&nbsp;
A Service Provider (External SP Connectors) required two different certificates one for Auth request signing and one for assertion encryption.
In the SAML SP connector we only have the option to select one certificate for both.&nbsp;
Is it possible from tmsh to set this particular requirement?&nbsp;
Thanks,&nbsp;
Now if I set the Auth Request sent to this device by SP ... Will be signed --&gt; Yes.&nbsp;
I get from APM log:&nbsp;
SSOv2 Digest from SAML message is invalid
SSOv2 Error(12) Signature verification failed for SAML Authentication Request&nbsp;
&nbsp;

sergei_miadzvez · Answer

This is supported in release 12.0.&nbsp;

Forum Discussion

SAML IdP Signing Encryption

1 Reply

Recent Discussions

F5 terminal - help to run commands - disk space full

import live updates from version x to version y

Tenant image upgrade

iRule editor partition button does not work

F5Access | MacOS Sonoma

Related Content

Decrypt, Encrypt, Decrypt, Encrypt, Encrypt....

Let's Encrypt

Automate Let's Encrypt Certificates on BIG-IP

POC: Create and sign a JWT with iRule

Encrypting Cookies