I am getting lost with all the certs so can someone please help me. While I have System SAML SSO logins working I noticed that one of the certs involved I have no clue where it came from. So I am trying to understand which cert is needed where.
On the FortiGate:
SAML SSO SP Cert: I am guessing this should be the cert of the SP. If the SP Address is john.com the cert should be the cert+key of john.com.
SAML SSO IdP cert: This should be the cert of the IdP (imported as a remote cert). In my case the ADFS server.
On the ADFS Server:
Matching Relying party trust Encryption: ADFS Cert
Matching Relying party trust Signature: ADFS Cert
Does this sound correct?
Hi @systemgeek,
Yes, it seems correct. Please refer to this article: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Configuring-SAML-SSO-login-for-SSL-VPN-wit...
Regards,
Not being a Windows person it took me a bit to figure out where my extra cert came from. So I would like to correct the cert listing I have above.
On the FortiGate:
SAML SSO SP Cert: I am guessing this should be the cert of the SP. If the SP Address is john.com the cert should be the cert+key of john.com.
SAML SSO IdP cert: This should be the cert of the IdP (imported as a remote cert). In my case the ADFS server Token-decrypting Cert.
On the ADFS Server:
Matching Relying party trust Encryption: ADFS Service Communication Cert
Matching Relying party trust Signature: ADFS Service Communication Cert