How to install and setup shibboleth SP on Linux

Home > Search > How-to
  by

This tutorial will set up the following environment.

 

At /etc/yum.repo.d/, create a file named security:shibbolet.repo.

~]# touch /etc/yum.repo.d/security:shibboleth.repo

 

Add the following to the security:shibboleth.repo file.

[security_shibboleth]
name=Shibboleth (CentOS_7)
type=rpm-md
baseurl=http://download.opensuse.org/repositories/security:/shibboleth/CentOS_7/
gpgcheck=1
gpgkey=http://download.opensuse.org/repositories/security:/shibboleth/CentOS_7/repodata/repomd.xml.key
enabled=1

 

Use yum to install the Service Provider (SP). Only install the 32-bit or 64-bit version. Do not install both. Shibboleth will install at /etc/shibboleth.

32-bit.

~]# yum install shibboleth

 

64-bit

~]# yum install shibboleth.x86_64

 

Edit the /etc/shibboleth/shibboleth2.xml and add the IP address of your domain to acl.

<Handler type="Status" Location="/Status" acl="127.0.0.1 ::1 192.168.0.0/24"/>

 

Start and enable shibboleth.

~]# systemctl start shibd
~]# systemctl enable shibd
~]# systemctl status shibd

 

Edit /etc/httpd/conf/httpd.conf, and ensure ServerName is not commented out.

ServerName www.example.com:80

 

Edit /etc/httpd/conf.d/ssl.conf, and ensure ServerName is not commented out.

ServerName www.example.com:443

 

Assuming you have HTTPD installed and configured for HTTPS, restart HTTPD.

~]# systemctl restart httpd

 

You should now be able to get your SP metadata by navigating to https://www.example.com/Shibboleth.sso/Status.



Add a Comment




We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.




Please enter in the box below so that we can be sure you are a human.




Comments