Subject: How can I encrypt SAML response with SP certificate
Date: 2019-06-25 10:58:52
From: devendrasahumk
Source: can-encrypt-saml-response-sp-certificate

Hi Team, 

Our SP provider asks us to send the SAML Response with encryption using the SP certificate.
Please let me know in the context of ComponentPro\UltimateSaml-Pro v7.0.226.13\Samples\Saml\Mvc\CS\Saml2-EasySamlApi\Saml2SsoDemoMvc\IdP

        void LoadSamlSettings()
        {
            Saml = new SamlManager();
            Saml.IdentityProvider.Config = SamlProvidersConfig.Load(
                AppDomain.CurrentDomain.BaseDirectory + "saml-idp.json", false, false);

            // Local identity provider and its signing certificate (PFX)
            LocalIdentityProviderConfig local = new LocalIdentityProviderConfig();
            local.Name = LocalProviderName;
            local.Description = "IdpInitiated - IdP";
            CertificateInfo certInfo = new CertificateInfo();
            certInfo.CertificateFile = "IdpKey.pfx";
            certInfo.CertificatePassword = "password";
            local.LocalSignatureCertificates = new CertificateInfo[] { certInfo };

            // Partner service provider settings
            ProviderConfigCollection partnerConfigs = new ProviderConfigCollection();
            PartnerServiceProviderConfig pcfg = new PartnerServiceProviderConfig();
            pcfg.Name = PartnerProviderName;
            pcfg.Description = "IdpInitiated - SP";

            pcfg.ExpectAuthnRequestSigned = true;
            pcfg.SignResponse = true;
            pcfg.SignAssertion = true;
            pcfg.EncryptAssertion = true;

            pcfg.AssertionConsumerServiceUrl = WebConfigurationManager.AppSettings["ConsumerServiceUrl"];
            pcfg.SingleLogoutServiceUrl = WebConfigurationManager.AppSettings["LogoutServiceProviderUrl"];

            // SP certificate used to encrypt the assertion (.crt file, no password)
            CertificateInfo SpCertInfo = new CertificateInfo();
            SpCertInfo.CertificateFile = "SP_Certificate.crt";
            SpCertInfo.CertificatePassword = "";
            pcfg.PartnerEncryptionCertificates = new CertificateInfo[] { SpCertInfo };

            Saml.IdentityProvider.Config.Local = local;
            Saml.IdentityProvider.Config.Partners = partnerConfigs;

            Saml.IdentityProvider.Config.Save(AppDomain.CurrentDomain.BaseDirectory + "saml-idp.json");
        }
Above line of code is correct in LoadSamlSettings() function of Global.asax file of IDP project

Devendra Sahu
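
An added example, not part of the original post and not ComponentPro code: a pre-flight check an IdP could run on the SP certificate before using it for assertion encryption, written against the standard .NET System.Security.Cryptography.X509Certificates API only. The class name, the 2048-bit minimum and the assumption that the SP expects RSA key transport are choices made for this example; the default file name is the one used in the post.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography.X509Certificates;

// Hypothetical helper (name chosen for this example).
public static class SpEncryptionCertCheck
{
    // Returns the problems found; an empty list means the certificate looks usable.
    public static List<string> Validate(X509Certificate2 cert, DateTime nowUtc)
    {
        var problems = new List<string>();

        // The IdP encrypts to the SP's public key only. A private key in this
        // file means the SP shared key material it should have kept to itself.
        if (cert.HasPrivateKey)
            problems.Add("certificate file carries a private key");

        if (nowUtc < cert.NotBefore.ToUniversalTime() || nowUtc > cert.NotAfter.ToUniversalTime())
            problems.Add("certificate is outside its validity period");

        // Assumption: the SP expects RSA key transport for the encrypted assertion.
        using (var rsa = cert.GetRSAPublicKey())
        {
            if (rsa == null)
                problems.Add("public key is not RSA");
            else if (rsa.KeySize < 2048) // minimum chosen for this example
                problems.Add("RSA key is " + rsa.KeySize + " bits, below 2048");
        }

        // If a key usage extension is present, it must allow encipherment.
        foreach (X509Extension ext in cert.Extensions)
        {
            var ku = ext as X509KeyUsageExtension;
            var needed = X509KeyUsageFlags.KeyEncipherment | X509KeyUsageFlags.DataEncipherment;
            if (ku != null && (ku.KeyUsages & needed) == 0)
                problems.Add("key usage does not permit encipherment");
        }
        return problems;
    }

    public static void Main(string[] args)
    {
        // File name taken from the post; pass another path as the first argument.
        string path = args.Length > 0 ? args[0] : "SP_Certificate.crt";
        var cert = new X509Certificate2(path);
        Console.WriteLine("Subject: " + cert.Subject + ", thumbprint: " + cert.Thumbprint);
        foreach (string p in Validate(cert, DateTime.UtcNow))
            Console.WriteLine("PROBLEM: " + p);
    }
}
```

Comparing the printed thumbprint with one the SP confirms through a separate channel ensures the assertion is encrypted to the intended recipient.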


Note: This question has been asked on the Q&A forum of Thang Dang's fraudulent ComponentPro brand
If you purchased anything from ComponentPro, you have been scammed. Contact the payment processor
who sold you the license and ask for your money back.
