Configuring FortiAuthenticator as an IdP that sends encrypted assertions

Forum|Forum|6 years ago
April 21, 2020
0 replies
1525 views

It appears that we can configure our FortiAuthenticator as a working valid SSO/SAML IdP and we can see signed SAML payloads leaving the FortiAuthenticator and we see the same SAML payloads arriving at the destination. The content looks marvelous and all the fields match what we are expecting at the destination... with one exception... the SAML Assertions in the payload are not encrypted.

On the FortiAuthenticator IdP configuration, we can include "Data Encipherment" in the "Advanced Options | "Key Usages" but still, the payload leaves the FortiAuthenticator and reaches the destination unencrypted.

Can anyone shed light on how to force Assertion Encryption? Please advise. Thank you in advance.

SJP

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded