Keystore

Enable SAML single sign-on by creating a keystore.

  • SAML needs a keystore with a generated key-pair.
  • SAML uses the key-pair to encrypt its communication with the IdP.

Create a keystore 

Use the Java keytool to create one.

keytool\
 -genkeypair\
 -alias lenses\
 -keypass my_key_password\
 -keystore lenses.pkcs12\
 -storepass my_store_password\
 -keyalg RSA\
 -keysize 2048\
 -validity 10000\
 -storetype pkcs12

| Setting   | Definition                   |
|-----------|------------------------------|
| alias     | The name of the key-pair     |
| keypass   | The password of the key-pair |
| keystore  | The filename of the keystore |
| storepass | The password of the keystore |

Add to configuration 

Add the keystore file and password info to the security.conf configuration file.

lenses.security.saml.keystore.location = "/path/to/lenses.pkcs12"
lenses.security.saml.keystore.password = "my_store_password"
lenses.security.saml.key.password = "my_key_password"
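
Because security.conf now holds both passwords in clear text next to the path of the private key, a deployment check is worth running after this step. The script below is an added example, not part of the Lenses documentation or product: it confirms the three settings are present, that the placeholder passwords from this page were replaced, and that neither file is accessible to group or others. The function names are hypothetical, and it assumes the values are double-quoted as shown above.

```shell
#!/bin/sh
# Added example: audit the SAML keystore settings in a Lenses security.conf.
# conf_value, owner_only and audit_saml_keystore are hypothetical helper names.

# Print the quoted value of key regex $1 from a 'key = "value"' line in file $2.
conf_value() {
  sed -n "s/^[[:space:]]*$1[[:space:]]*=[[:space:]]*\"\(.*\)\"[[:space:]]*\$/\1/p" "$2" | tail -n 1
}

# Succeed only if file $1 grants no permission bits to group or others.
owner_only() {
  [ "$(ls -ldL "$1" | cut -c5-10)" = "------" ]
}

# Return 0 if the config at $1 passes every check, 1 otherwise.
audit_saml_keystore() {
  conf=$1 rc=0
  loc=$(conf_value 'lenses\.security\.saml\.keystore\.location' "$conf")
  store_pw=$(conf_value 'lenses\.security\.saml\.keystore\.password' "$conf")
  key_pw=$(conf_value 'lenses\.security\.saml\.key\.password' "$conf")

  if [ -z "$loc" ] || [ -z "$store_pw" ] || [ -z "$key_pw" ]; then
    echo "FAIL: a SAML keystore setting is missing from $conf"; rc=1
  fi
  case "$store_pw$key_pw" in
    *my_store_password*|*my_key_password*)
      echo "FAIL: documentation placeholder password still in use"; rc=1 ;;
  esac
  if [ -n "$loc" ] && [ ! -f "$loc" ]; then
    echo "FAIL: keystore not found at $loc"; rc=1
  elif [ -n "$loc" ] && ! owner_only "$loc"; then
    echo "FAIL: $loc is accessible to group/others (chmod 600)"; rc=1
  fi
  if ! owner_only "$conf"; then
    echo "FAIL: $conf holds passwords but is accessible to group/others"; rc=1
  fi
  if [ "$rc" -eq 0 ]; then echo "OK: $conf"; fi
  return "$rc"
}

# Stand-alone use: sh audit.sh /path/to/security.conf
if [ $# -gt 0 ]; then audit_saml_keystore "$1"; fi
```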

See all SSO options.