fedidp-util

Use the fedidp-util program to generate certificate and metadata files used for creating SAML assertions.

Usage
fedidp-util.exe -makecert [-pfx <pfxfile> -pass <password> -cert-subject <subject> -root-subject <subject> -years <years>]

fedidp-util.exe -metadata [-pfx <pfxfile> -pass <password> -]

| Argument | Description |
| --- | --- |
| `-cert-subject <subject>` | Subject of the SAML document signing certificate (e.g. "Bravura Security") (required). |
| `-certfile <filename>` | Public certificate output filename (.cer format). |
| `-echopwd` | Report back (on standard out) the encrypted PFX password. |
| `-idpurl <url>` | Public-facing URL of the IdP (e.g. https://hids.company.com/default/). |
| `-makecert` | Create a new root and document signing certificate. |
| `-mdfile <filename>` | Output filename to store metadata. |
| `-metadata` | Generate IdP metadata. |
| `-pass <password>` | The encryption password used by the PFX (Personal Information Exchange) file. |
| `-pfx <pfxfile>` | Signing certificate in PFX (Personal Information Exchange) format (required). |
| `-root-subject <subject>` | Subject of the self-signed root certificate (e.g. "Bravura Security Root"). |
| `-years <years>` | The number of years the generated PFX file is valid for. |
| `-silent` | Suppress success messages. |

Examples
  1. Generate a new PFX:

    fedidp-util.exe -makecert -pfx saml.pfx -cert-subject SAML -root-subject "Bravura Security" -pass p455w0rD -years 3

     

  2. Generate IDP metadata and public certificate from the PFX:

    fedidp-util.exe -metadata -pfx saml.pfx -mdfile mdoutput -pass p455w0rD -idpurl 10.0.1.68 -cert-subject SAML -certfile public.cer
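
A check that can be run after step 2 to confirm that the exported public certificate is the one embedded in the metadata and to report when it expires. This is an added example, not part of the product or its documentation. It assumes the `-mdfile` output is SAML 2.0 metadata XML carrying the signing certificate in `X509Certificate` elements; the parameter names are illustrative and the default file names are those used in step 2.

```powershell
# Added example, not vendor code. Assumptions: the -mdfile output is SAML 2.0
# metadata XML with the signing certificate in X509Certificate elements, and the
# file names match step 2 above. Parameter names are illustrative.
param(
    [string]$CertFile     = 'public.cer',
    [string]$MetadataFile = 'mdoutput',
    [int]$WarnDays        = 90
)
$ErrorActionPreference = 'Stop'

# Load the public certificate; no PFX or password is needed for this check.
$certPath = (Resolve-Path -LiteralPath $CertFile).Path
$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $certPath

# Parse the metadata without resolving external DTDs or entities.
$xml = New-Object System.Xml.XmlDocument
$xml.XmlResolver = $null
$xml.Load((Resolve-Path -LiteralPath $MetadataFile).Path)

# Collect every embedded certificate, ignoring namespace prefixes and line wrapping.
$embedded = @($xml.SelectNodes("//*[local-name()='X509Certificate']") |
    ForEach-Object { $_.InnerText -replace '\s', '' })

$expected   = [Convert]::ToBase64String($cert.RawData)
$inMetadata = $embedded -contains $expected
$daysLeft   = [int][math]::Floor(($cert.NotAfter - (Get-Date)).TotalDays)

# Summary for the change record or for the relying party that imports the metadata.
[pscustomobject]@{
    Subject            = $cert.Subject
    Issuer             = $cert.Issuer
    Thumbprint         = $cert.Thumbprint
    SignatureAlgorithm = $cert.SignatureAlgorithm.FriendlyName
    NotAfter           = $cert.NotAfter
    DaysLeft           = $daysLeft
    InMetadata         = $inMetadata
}

if (-not $inMetadata) { Write-Warning "Certificate in $CertFile is not the one embedded in $MetadataFile." }
if ($daysLeft -lt $WarnDays) { Write-Warning "Signing certificate expires in $daysLeft days." }
if (-not $inMetadata -or $daysLeft -lt $WarnDays) { exit 1 }
```

The thumbprint it prints can be compared out of band with the value the service provider sees after importing the metadata.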

See also:

See Authentication chains: SAML for more information on the SAML authentication framework.