Skip to main content
flamer
flamer
New Member
August 8, 2025
Question

SAML service provider signing

  • August 8, 2025
  • 2 replies
  • 425 views

In fortiauthenticator the option "Sign SAML requests with a local certificate" signs our AuthnRequest request as expected, however it does not sign the LogoutRequest, is this expected behaviour? is there anyway to make this work?

 

from the standard:

It is RECOMMENDED that the HTTP exchanges in this step be made over either SSL 3.0 [SSL3] or TLS 1.0 [RFC2246] to maintain confidentiality and message integrity. The message MUST be signed if the HTTP POST or Redirect binding is used. The HTTP Artifact binding, if used, also provides for an alternate means of authenticating the request issuer when the artifact is dereferenced.

 

2 replies

Stephen_G
Moderator
Stephen_G
Moderator
August 10, 2025

Hello flamer,

 

Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.

 

Thanks,

Stephen_G - Fortinet Community Team
jogalho2
jogalho2
New Member
August 10, 2025

I found out that my current security team was talking to my old one when they started proposing specific ways of implementing things that I'd done previously. They didn't know why it was done like that only that "other companies are doing this".

Terms & ConditionsAccessibility statement