auth.publicui.saml.keystore-path

Background

Set to the location of the Java keystore used to store the private key that Funnelback will use for SAML communications. For example, $SEARCH_HOME/conf/samlAdminKeystore.jks.

http://docs.spring.io/spring-security-saml/docs/1.0.2.RELEASE/reference/html/security.html provides details on how this keystore can be created with Java’s 'keytool' utility. This documentation also covers the creation of the private key described in auth.publicui.saml.key-password, and configuring trust of certificates presented by other systems for SAML usage.

keytool may use SHA-1 by default when generating keys, which is considered deprecated and may not work with all identity providers. Make sure you choose an appropriate algorithm when creating keys with keytool.
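The following is an added example, not Funnelback's or Spring's own code: it creates the keystore with the key and signature algorithms stated explicitly, and checks `keytool -list -v` output for certificates signed with SHA-1 or MD5. The aliases, the distinguished name and the sample listing are constructed assumptions.

```shell
#!/usr/bin/env bash
# Added example; aliases, DN and sample listing are constructed assumptions.

# Create the keystore with explicit algorithms instead of keytool defaults.
# keytool prompts for the keystore and key passwords.
create_saml_keystore() {
  local keystore="$1" alias="$2"
  keytool -genkeypair -alias "$alias" \
    -keyalg RSA -keysize 2048 -sigalg SHA256withRSA \
    -validity 365 -dname "CN=search.example.com" \
    -keystore "$keystore"
}

# Read `keytool -list -v` output on stdin and print "alias algorithm" for
# every certificate signed with SHA-1 or MD5. Only the "Signature algorithm
# name" line is inspected, so SHA1 fingerprint lines do not trigger a match.
weak_sig_aliases() {
  awk '
    /^Alias name:/ { sub(/^Alias name:[ \t]*/, ""); alias = $0 }
    /^Signature algorithm name:/ {
      sub(/^Signature algorithm name:[ \t]*/, "")
      if (toupper($0) ~ /^(SHA-?1|MD5)WITH/) print alias, $1
    }'
}

# Constructed sample of `keytool -list -v` output (not from a real keystore).
sample_listing() {
  cat <<'EOF'
Alias name: samladmin
Entry type: PrivateKeyEntry
Certificate fingerprints:
     SHA1: (constructed placeholder)
Signature algorithm name: SHA256withRSA
Alias name: legacy
Entry type: PrivateKeyEntry
Certificate fingerprints:
     SHA1: (constructed placeholder)
Signature algorithm name: SHA1withRSA (weak)
EOF
}

# Against a real keystore:
#   keytool -list -v -keystore "$SEARCH_HOME/conf/samlAdminKeystore.jks" | weak_sig_aliases
sample_listing | weak_sig_aliases
```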

Setting the key

Set this configuration key in the server configuration.

Use the configuration key editor to add or edit the auth.publicui.saml.keystore-path key, and set the value. This can be set to any valid File value.

Notes

This setting requires Jetty to be restarted to take effect.