SAML Server

= Creating SAML Server =

Source: helloitsliam.com, support.citrix.com, simplesamlphp.org, citrix.com

Installation
 * Prerequisites:

Ubuntu Server - VM or physical box
Internet connectivity

 * Update Ubuntu:

sudo apt-get update
sudo apt-get upgrade

 * Install PHP, Apache2 & related libraries:

sudo apt-get install php7.0 apache2 php7.0-mcrypt php7.0-ldap php7.0-mysql libapache2-mod-php7.0 php-xml

 * Installing SimpleSAMLphp binaries:

cd /var
sudo wget https://github.com/simplesamlphp/simplesamlphp/releases/download/v1.14.12/simplesamlphp-1.14.12.tar.gz
sudo tar zxf simplesamlphp-1.14.12.tar.gz
sudo mv simplesamlphp-1.14.12 simplesamlphp
sudo rm -f simplesamlphp-1.14.12.tar.gz
cd simplesamlphp/

Configuring SAML Server
 * Configuring SimpleSAMLphp:

The 4 files below need to be edited with proper values:

sudo nano /var/simplesamlphp/config/config.php

sudo nano /var/simplesamlphp/config/authsources.php

sudo nano /var/simplesamlphp/metadata/saml20-idp-hosted.php

sudo nano /var/simplesamlphp/metadata/saml20-sp-remote.php

Configuring Apache Server
 * Pointing Apache to SimpleSAMLphp:

sudo nano /etc/apache2/sites-available/000-default.conf

 * Now check if the application is accessible over HTTP:

http:///simplesamlphp

Enabling SSL

 * Enabling Secure (read SSL) access:

cd /etc/apache2/
sudo mkdir ssl

sudo openssl genrsa -des3 -out Certificate.key 4096
sudo openssl rsa -in Certificate.key -out Certificate.pem
sudo openssl req -new -key Certificate.key -out Certificate.csr
sudo openssl x509 -req -days 9999 -in Certificate.csr -signkey Certificate.key -out Certificate.crt

sudo a2enmod ssl
sudo service apache2 restart

sudo nano /etc/apache2/sites-available/000-default.conf

sudo a2ensite ssl
sudo a2enmod ssl
sudo service apache2 restart

sudo phpenmod mcrypt
sudo service apache2 restart

 * Now the page should be available over HTTPS:

https:///simplesamlphp
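
The script below is an added example, not part of the original page or of SimpleSAMLphp. It checks that the certificate and private key from the SSL step belong together, that the key file is readable only by its owner, and that the certificate is not close to expiry. Function names are hypothetical, and GNU stat (as on Ubuntu) is assumed.

```bash
#!/usr/bin/env bash
# Added example (not from the original page): sanity checks for the key and
# certificate produced in the "Enabling SSL" step. Function names are
# hypothetical; file names in the usage line follow the page.

# True when the certificate's public key equals the one derived from the key.
# The empty -passin stops openssl from prompting if the key is encrypted.
cert_matches_key() {
    local c k
    c=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    k=$(openssl pkey -in "$2" -passin pass: -pubout 2>/dev/null) || return 1
    [ -n "$c" ] && [ "$c" = "$k" ]
}

# True when the PEM key is passphrase-protected (as written by genrsa -des3).
key_is_encrypted() { grep -q 'ENCRYPTED' "$1"; }

# True when only the owner can read the key (GNU stat, as on Ubuntu).
key_perms_ok() {
    case "$(stat -c '%a' "$1")" in
        400|600) return 0 ;;
        *)       return 1 ;;
    esac
}

# True when the certificate is still valid N days from now.
cert_valid_for_days() {
    openssl x509 -in "$1" -noout -checkend "$(( $2 * 86400 ))" >/dev/null 2>&1
}

# Run every check; the exit status is the number of failed checks.
check_tls_pair() {
    local cert=$1 key=$2 fail=0
    if key_is_encrypted "$key"; then
        echo "NOTE: $key is encrypted; Apache will need the passphrase at start"
    fi
    cert_matches_key "$cert" "$key" \
        || { echo "FAIL: $cert and $key do not match (or key unreadable)"; fail=$((fail + 1)); }
    key_perms_ok "$key" \
        || { echo "FAIL: $key should be mode 600 or 400"; fail=$((fail + 1)); }
    cert_valid_for_days "$cert" 30 \
        || { echo "FAIL: $cert expires within 30 days"; fail=$((fail + 1)); }
    return "$fail"
}

# Usage: ./check_tls_pair.sh Certificate.crt Certificate.pem
if [ "$#" -eq 2 ]; then check_tls_pair "$1" "$2"; fi
```

Run it against whichever key file the Apache configuration references; an encrypted key is reported as a mismatch because its public half cannot be read without the passphrase.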

Packet Captures

 * References