In this page, Ubisecure Certificate AP is integrated with Ubisecure SSO. Ubisecure Certificate AP works as a SAML authentication method from the point of view of Ubisecure SSO.
Configuring Ubisecure SSO
A new authentication method is to be created corresponding the Certificate AP
Open Ubisecure SSO Management and create a new SAML authentication method
Figure 1. Creating the SAML method
Upload the metadata of Certificate AP to the created SAML method. The metadata of Certificate AP is found in https://certap.example.com:9443/certap/saml2/metadata.xml the domain depending on Certificate AP deployment location.
Figure 2. Uploading the metadata of the Certificate AP to the SAML method in Ubilogin SSO
- Enable the method
Set Certificate AP to Trust Ubisecure SSO
The metadata of Ubisecure SSO must be downloaded to the Certificate AP in order to create a trust relationship.
Download the Ubisecure SSO metadata:
Figure 3. Downloading the metadata of Ubisecure SSO - Place the metadata in
webapps\certap\WEB-INF\uap\metadata\metadata.xml
Restart Certificate AP
Listing 1. Restarting the Certificate APcd /d "C:\Program Files\Ubisecure\ubilogin-certap\certap"config\tomcat\update.cmd
Now you can log in to an agent by using the Certificate AP method. See Ubisecure SSO Management pages for instructions on how to attach an authentication method to a web agent and create a group for users of certificates.