In this page, Ubisecure Certificate AP is integrated with Ubisecure SSO. Ubisecure Certificate AP works as a SAML authentication method from the point of view of Ubisecure SSO.

Configuring Ubisecure SSO

A new authentication method is to be created corresponding the Certificate AP

1. Open Ubisecure SSO Management and create a new SAML authentication method

   Figure 1. Creating the SAML method

   
   

2. Obtain the SAML2 metadata of Certificate AP by either:

   1. downloading it from the respective server at  https://certap.example.com:9443/certap/saml2/metadata.xml the domain depending on Certificate AP deployment location. You will need a client certificate to be able to do this.

   2. generating it on the command line as in the example below:
      
      

      Code Block
      language text title Listing 1. Generating Certificate AP SAML2 metadata on Linux
      java -classpath '/usr/local/ubisecure/certap/certap/webapps/certap/WEB-INF/lib/*' com.ubisecure.saml2.config.Main Metadata /usr/local/ubisecure/certap/certap/webapps/certap/WEB-INF/uap -idp -f ~/certap-metadata.xml

      
      

      Code Block
      language text title Listing 2. Generating Certificate AP SAML2 metadata on Windows
      java -classpath '%PROGRAMFILES%\ubisecure\certap\certap\webapps\certap\WEB-INF\lib\*' com.ubisecure.saml2.config.Main Metadata "%PROGRAMFILES%\ubisecure\certap\certap\webapps\certap\WEB-INF\uap" -idp -f "%HOME%\certap-metadata.xml"

      
      

3. Upload the metadata of Certificate AP to the created SAML method. .

   Figure 2. Uploading the metadata of the Certificate AP to the SAML method in Ubilogin SSO

   
   

4. Enable the method

Set Certificate AP to Trust Ubisecure SSO

The metadata of Ubisecure SSO must be downloaded to the Certificate AP in order to create a trust relationship.

...