Subject: How can I encrypt a SAML response with the SP certificate?
Date: 2019-06-25 10:58:52
From: devendrasahumk
Source: can-encrypt-saml-response-sp-certificate
----------------------------------------------------------------------

Hi Team, 

Our service provider (SP) has asked us to send the SAML response encrypted with the SP's certificate.
Please let me know how to do this in the context of the sample at ComponentPro\UltimateSaml-Pro v7.0.226.13\Samples\Saml\Mvc\CS\Saml2-EasySamlApi\Saml2SsoDemoMvc\IdP:

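 /// <summary>
 /// Builds the identity provider's SAML configuration: either loads it from
 /// "saml-idp.json" (when LOADFROMJSON is defined) or constructs it in code with
 /// one local IdP entry and one partner service provider entry whose assertions
 /// are signed and encrypted.
 /// </summary>
 /// <exception cref="InvalidOperationException">
 /// The "ConsumerServiceUrl" application setting is missing or empty.
 /// </exception>
 void LoadSamlSettings()
        {
            Saml = new SamlManager();

#if LOADFROMJSON
            // The '+' between the base directory and the file name was missing in the
            // posted listing; without it this branch does not compile.
            Saml.IdentityProvider.Config = SamlProvidersConfig.Load(
                AppDomain.CurrentDomain.BaseDirectory + "saml-idp.json", false, false);
#else
            LocalIdentityProviderConfig local = new LocalIdentityProviderConfig();
            local.Name = LocalProviderName;
            local.Description = "IdpInitiated - IdP";

            // The IdP's own key pair, used to sign what it issues.
            // SECURITY: the PFX password is a hard-coded sample value. In a real
            // deployment keep the signing key password out of source control
            // (protected configuration or a secret store) and restrict read access
            // to the .pfx file itself.
            CertificateInfo idpCertInfo = new CertificateInfo();
            idpCertInfo.CertificateFile = "IdpKey.pfx";
            idpCertInfo.CertificatePassword = "password";
            local.LocalSignatureCertificates = new CertificateInfo[] { idpCertInfo };

            ProviderConfigCollection partnerConfigs = new ProviderConfigCollection();
            PartnerServiceProviderConfig pcfg = new PartnerServiceProviderConfig();
            pcfg.Name = PartnerProviderName;
            pcfg.Description = "IdpInitiated - SP";

            // NOTE(review): ExpectAuthnRequestSigned is enabled, but no SP signing
            // certificate is configured in this method. Verifying request signatures
            // presumably needs one; confirm against the library documentation.
            pcfg.ExpectAuthnRequestSigned = true;
            pcfg.SignResponse = true;
            pcfg.SignAssertion = true;
            // In SAML 2.0 confidentiality is applied to the assertion (an
            // EncryptedAssertion inside the Response); the Response element itself is
            // signed, not encrypted. This flag is therefore the setting that covers an
            // SP's request for an "encrypted SAML response".
            pcfg.EncryptAssertion = true;

            // Assertions are delivered to this URL, so fail fast when it is not
            // configured instead of starting with an undefined destination. It should
            // be the SP's HTTPS endpoint, obtained from the SP's metadata.
            string consumerServiceUrl = WebConfigurationManager.AppSettings["ConsumerServiceUrl"];
            if (string.IsNullOrEmpty(consumerServiceUrl))
            {
                throw new InvalidOperationException(
                    "The 'ConsumerServiceUrl' application setting is missing or empty.");
            }

            pcfg.AssertionConsumerServiceUrl = consumerServiceUrl;
            pcfg.SingleLogoutServiceUrl = WebConfigurationManager.AppSettings["LogoutServiceProviderUrl"];

            // The SP's public certificate. Encrypting to the SP needs only its public
            // key, so a .crt file with an empty password is expected here.
            // SECURITY: whoever holds the private key matching this certificate can
            // decrypt every assertion sent to this partner. Obtain the file from the
            // SP over a trusted channel and check its fingerprint before deploying.
            CertificateInfo spCertInfo = new CertificateInfo();
            spCertInfo.CertificateFile = "SP_Certificate.crt";
            spCertInfo.CertificatePassword = "";
            pcfg.PartnerEncryptionCertificates = new CertificateInfo[] { spCertInfo };

            partnerConfigs.Add(pcfg);

            // NOTE(review): assumes new SamlManager() leaves IdentityProvider.Config
            // non-null; this branch never assigns Config itself. Confirm.
            Saml.IdentityProvider.Config.Local = local;
            Saml.IdentityProvider.Config.Partners = partnerConfigs;

#if SAVEJSON
            // SECURITY: the saved file would contain the certificate password set
            // above; protect it like the key file. ('+' restored here as well.)
            Saml.IdentityProvider.Config.Save(AppDomain.CurrentDomain.BaseDirectory + "saml-idp.json");
#endif
#endif
        }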
Is the code above correct for the LoadSamlSettings() function in the Global.asax file of the IdP project?

Thanks
Devendra Sahu

----------------------------------------------------------------------

Note: This question has been asked on the Q&A forum of Thang Dang's fraudulent ComponentPro brand
If you purchased anything from ComponentPro, you have been scammed. Contact the payment processor
who sold you the license and ask for your money back.
