SakamonWeb
New
Tools
Index
Edit
shibboleth
リポジトリ取得 <pre> > wget http://download.opensuse.org/repositories/security://shibboleth/CentOS_5/security:shibboleth.repo > sudo cp security\:shibboleth.repo /etc/yum.repos.d/shibboleth.repo </pre> GPG鍵取得 <pre> > wget http://shibboleth.internet2.edu/downloads/KEYS > gpg --import KEYS; gpg --fingerprint 0x7D0A1B3D > sudo rpm --import KEYS </pre> shibboleth インストール <pre> > sudo yum install shibboleth Dependencies Resolved ============================================================================= Package Arch Version Repository Size ============================================================================= Installing: shibboleth i386 2.3.1-1.3 security_shibboleth 1.2 M Installing for dependencies: log4shib i386 1.0.4-1.3 security_shibboleth 82 k opensaml i386 2.3-1.9 security_shibboleth 1.2 M unixODBC i386 2.2.11-7.1 base 832 k xerces-c i386 3.0.1-6.3 security_shibboleth 1.3 M xml-security-c i386 1.5.1-4.3 security_shibboleth 447 k xmltooling i386 1.3.3-1.2 security_shibboleth 747 k Transaction Summary ============================================================================= Install 7 Package(s) Update 0 Package(s) Remove 0 Package(s) Total download size: 5.7 M Is this ok [y/N]: y </pre> shibdの起動と,apacheへの適用 (基本的に再起動するのみ) <pre> > /sbin/service shibd start > /sbin/service httpd restart </pre> アサーション署名用のSelfSign証明書,鍵の準備 <pre> openssl req -new -keyout credentials/sp-key.pem -newkey rsa:1024 -nodes -out /etc/shibboleth/credentials/sp-cert.p10 -subj "/C=JP/O=ABC/OU=XYZ/OU=sp/CN=xxx.xxx.xx.xx" openssl x509 -req -in credentials/sp-cert.p10 -signkey credentials/sp-key.pem -days 3650 -out /etc/shibboleth/sp-cert.pem </pre> メタデータの取得 <pre> > wget --no-proxy http://localhost/shib/Metadata </pre>
Sign:
freeze
sage
Attachment
New:
Sign:
Rename
Title:
Sign: