IBM Tivoli Federated Identity Manager, Version 6.2.2

Customizing signature X.509 certificate settings

When you sign messages or assertions, the X.509 certificate (public key) is included with your signature as a base64-encoded X.509 certificate. However, you can specify whether this data should be excluded and whether additional data should be included with your signatures.

Before you begin

Before using this procedure, you must have configured your federation. In addition, if you are an identity provider in a SAML 1.x federation, your assertion signature settings are configured when you add your service provider partners. To modify the settings for your assertion signature, you must have already configured a service provider partner.

Procedure

  1. Log on to the console.
  2. Click Tivoli Federated Identity Manager > Configure Federated Single Sign-on > Federations.

    Or, if you are an identity provider to modify your SAML 1.x assertion signature settings, click Tivoli Federated Identity Manager > Configure Federated Single Sign-on > Partners.

    The Federations panel shows a list of configured federations.
  3. Select a federation. The Partners panel shows a list of configured partners.
  4. Select a partner.
  5. Click Properties.
  6. Select the properties to modify. The properties are described in the online help.
  7. When you have finished modifying properties, click OK to close the Properties panel.
Parent topic: Configuring

Feedback