This tutorial will set up the following environment. This assumes you have already installed the HTTPD web server.

At /etc/yum.repos.d/, create a file named security:shibboleth.repo.

touch /etc/yum.repos.d/security:shibboleth.repo

Add the following to the security:shibboleth.repo file.

[security_shibboleth]
name=Shibboleth (CentOS_7)
type=rpm-md
baseurl=http://download.opensuse.org/repositories/security:/shibboleth/CentOS_7/
gpgcheck=1
gpgkey=http://download.opensuse.org/repositories/security:/shibboleth/CentOS_7/repodata/repomd.xml.key
enabled=1

Use yum to install the Service Provider (SP). Only install the 32-bit or 64-bit version. Do not install both. Shibboleth will install at /etc/shibboleth.

32-bit.

~]# yum install shibboleth

64-bit

~]# yum install shibboleth.x86_64

Edit the /etc/shibboleth/shibboleth2.xml and add the IP address of your domain to acl.

<Handler type="Status" Location="/Status" acl="127.0.0.1 ::1 192.168.0.0/24"/>

The ps command can be used to determine if your system is using init or systemd. If PID 1 is init, then you will use the service command. If PID 1 is systemd, then you will use the systemctl command.

If your system is using systemd, use the systemctl command to start and enable shibd.

systemctl enable shibd
systemctl start shibd
systemctl status shibd

If your system is using init, use the chkconfig and service commands to start and enable shibd.

chkconfig shibd on
service shibd start
service shibd status

Edit /etc/httpd/conf/httpd.conf, and ensure ServerName is not commented out.

ServerName www.example.com:80

Edit /etc/httpd/conf.d/ssl.conf, and ensure ServerName is not commented out.

ServerName www.example.com:443

Assuming you have HTTPD installed and configured for HTTPS, restart HTTPD.

~]# systemctl restart httpd

You should now be able to get your SP metadata by navigating to https://www.example.com/Shibboleth.sso/Status.