On Thu, Apr 29, 2021 at 2:47 PM Alexander Podolyan <users@sogo.nu> wrote:
> I'm trying to set up SOGo with SAML2 authentication, but I don't know how
> to generate SSL keys.
>
> In /etc/sogo/sogo.conf I have to specify the following variables:
>
> //SAML2
> SOGoAuthenticationType = saml2;
> SOGoSAML2PrivateKeyLocation = /certs/saml_sogo.key;
> SOGoSAML2CertificateLocation = /certs/saml_sogo.pem;
> SOGoSAML2IdpMetadataLocation = /etc/sogo/keycloak.xml;
> SOGoSAML2IdpPublicKeyLocation = /certs/saml_sso.pub;
> SOGoSAML2IdpCertificateLocation = /certs/saml_sso.pem;
> SOGoSAML2LogoutEnabled = YES;
> SOGoSAML2LogoutURL = https://domain.com;
>
> How to create saml_sogo.key, saml_sogo.pem, keycloak.xml, saml_sso.pub,
> saml_sso.pem?
>

Download and look at the scripts in this file: https://bit.ly/3aVBRpO

From 'Re: [SOGo] SAML2 authentication requirements' - MARC
<https://marc.info/?l=sogo-users&m=147697076318929&w=2>, I can see that you
can use:

openssl req -newkey rsa:2048 -new -x509 -days 3652 -nodes -out saml_sogo.crt -keyout saml_sogo.pem

For the .pem files, here is some good reading:
ssl - How to get .pem file from .key and .crt files? - Stack Overflow
<https://stackoverflow.com/questions/991758/how-to-get-pem-file-from-key-and-crt-files>

Coupled with the instructions from Re: [SOGo] Sogo - Lemonldap - Saml
(mail-archive.com <https://www.mail-archive.com/users@sogo.nu/msg29860.html>),
I believe you'll hack it.

PS: I don't even know what SAML is :-)

--
Best regards,
Odhiambo WASHINGTON,
Nairobi,KE
+254 7 3200 0004/+254 7 2274 3223
"Oh, the cruft.", grep ^[^#] :-)
--
users@sogo.nu
https://inverse.ca/sogo/lists
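
An added example, not part of either post and not SOGo's own tooling: it produces the service-provider key and certificate under the file names used in the sogo.conf above, derives saml_sso.pub from the IdP certificate, and checks that a private key really belongs to a certificate before the files are deployed. The certificate subjects, the temporary directory and the stand-in IdP certificate are constructed for the demonstration; in a real setup saml_sso.pem and keycloak.xml are exported from the IdP, not generated.

```shell
#!/bin/sh
# File names follow the sogo.conf in the question; everything else is constructed.

# Create the SOGo (service provider) private key and self-signed certificate.
make_sp_keypair() {
    dir=$1
    ( umask 077   # files are created readable by their owner only
      openssl req -newkey rsa:2048 -x509 -days 3652 -nodes \
          -subj "/CN=sogo.example.invalid" \
          -keyout "$dir/saml_sogo.key" -out "$dir/saml_sogo.pem" 2>/dev/null )
}

# Derive the IdP public key file from the IdP certificate.
extract_idp_pubkey() {
    openssl x509 -in "$1/saml_sso.pem" -pubkey -noout > "$1/saml_sso.pub"
}

# Succeed only if the certificate ($2) carries the public key of the key ($1).
key_matches_cert() {
    k=$(openssl pkey -in "$1" -pubout 2>/dev/null) || return 1
    c=$(openssl x509 -in "$2" -pubkey -noout 2>/dev/null) || return 1
    [ "$k" = "$c" ]
}

demo() {
    d=$(mktemp -d)
    make_sp_keypair "$d"
    # Constructed stand-in for the certificate exported from the IdP.
    openssl req -newkey rsa:2048 -x509 -days 30 -nodes \
        -subj "/CN=idp.example.invalid" \
        -keyout "$d/idp.key" -out "$d/saml_sso.pem" 2>/dev/null
    extract_idp_pubkey "$d"
    if key_matches_cert "$d/saml_sogo.key" "$d/saml_sogo.pem"; then
        echo "saml_sogo.key matches saml_sogo.pem"
    fi
    # A key paired with the wrong certificate must be rejected.
    if ! key_matches_cert "$d/idp.key" "$d/saml_sogo.pem"; then
        echo "idp.key does not match saml_sogo.pem (expected)"
    fi
    ls -l "$d"
    rm -rf "$d"
}

demo
```

The private key never leaves the SOGo host; only saml_sogo.pem is handed to the IdP.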