Difference between revisions of "Single Sign On Service Certificate Renewal"

From Studentnet Wiki
Jump to navigation Jump to search
 
(9 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 
==Single Sign On Service Certificate Renewal==
 
==Single Sign On Service Certificate Renewal==
 +
[[File:Example_xml_certs.PNG|500px|right|frame|Example XML File, will be used as reference for instructions]]
 +
The following are the steps required for Single Sign On Service Certificate Renewal.
  
#Login to Cloudwork Dashboard
+
#Login to Cloudwork Dashboard <br /><br />
#Navigate to Single Sign On
+
#Navigate to Single Sign On <br /><br />
#On the service list, click on the SSO Service which requires the certificate renewal
+
#On the service list, click on the SSO Service which requires the certificate renewal <br /><br />
#Scroll down to SAML Config and Click '''Edit'''
+
#Scroll down to SAML Config and Click '''Edit''' <br /><br />
#Scroll down to Certificates and Click '''Add Row'''
+
#Scroll down to Certificates and Click '''Add Row''' <br /><br />
#Open up the XML file received from the SSO Service which requires the certificate renewal <br>[[File:Example_xml_certs.PNG|500px|center|frame|Example XML File, will be used as reference for instructions]]
+
#Open up the XML file received from the SSO Service which requires the certificate renewal <br /><br />
#In the XML file, check the Certificate 1 Usage(found in the first KeyDescriptor Tag)
+
#In the XML file, check the Certificate 1 Usage (found in the first KeyDescriptor Tag) <br /><br />
#In the Cloudwork Dashboard in the new row select with the checkbox whether Certificate 1 will be used for Signing or Encryption  
+
#In the Cloudwork Dashboard in the new row select with the checkbox whether Certificate 1 will be used for Signing or Encryption <br /><br />
#In XML file, Copy the Certificate 1 Content that is located in between the X509Certificate Tags(The beginning of the certificate is '''MIIDSTCCA''' and the end of the certificate is '''mAKo=''')
+
#In XML file, Copy the Certificate 1 Content that is located in between the X509Certificate Tags (The beginning of the certificate is '''MIIDSTCCA''' and the end of the certificate is '''mAKo=''') <br /><br />
#In the Cloudwork Dashboard in the row which has the checkbox selected, under '''Content''' paste the Certificate 1 Content
+
#In the Cloudwork Dashboard in the row which has the checkbox selected, under '''Content''' paste the Certificate 1 Content <br /><br />
#In the Cloudwork Dashboard Click '''Add Row'''
+
#In the Cloudwork Dashboard Click '''Add Row''' <br /><br />
#In the XML file, check the Certificate 2 Usage(found in the second KeyDescriptor Tag)
+
#In the XML file, check the Certificate 2 Usage (found in the second KeyDescriptor Tag) <br /><br />
#In the Cloudwork Dashboard in the new row select with the checkbox whether Certificate 2 will be used for Signing or Encryption  
+
#In the Cloudwork Dashboard in the new row select with the checkbox whether Certificate 2 will be used for Signing or Encryption <br /><br />
#In XML file, Copy the Certificate 2 Content that is located in between the X509Certificate Tags(The beginning of the certificate is '''MIIDSTCCA''' and the end of the certificate is '''3wyacFw==''')
+
#In XML file, Copy the Certificate 2 Content that is located in between the X509Certificate Tags (The beginning of the certificate is '''MIIDSTCCA''' and the end of the certificate is '''3wyacFw==''') <br /><br />
#In the Cloudwork Dashboard in the row which has the checkbox selected, under '''Content''' paste the Certificate 2 Content
+
#In the Cloudwork Dashboard in the row which has the checkbox selected, under '''Content''' paste the Certificate 2 Content <br /><br />
#Take note which certificates are the new certificate, when the expiry date of the old certificate occurs, the old certificates will need to be removed(older certificates are at the top of Certificates Table)
+
#Take note which certificates are the new certificate, when the expiry date of the old certificate occurs, the old certificates will need to be removed (older certificates are at the top of Certificates Table) <br /><br />
 
#Click Submit
 
#Click Submit
 +
  
 
===Notes===
 
===Notes===
 +
 
*The same certificate can be used for signing and encryption.
 
*The same certificate can be used for signing and encryption.
*Some Service only have 1 certificate, in this case ignore steps 11-15.
+
*Some services only have 1 certificate, in this case, ignore steps 11-15.
 +
 
 +
 
 +
 
  
 
==Removing Certificate==
 
==Removing Certificate==
When the SAML SSO Certificate expiry date occurs, it will be necessary to remove the old certificate, the steps for removing the old certificates:
+
When the SAML SSO Certificate expiry date occurs, it will be necessary to remove the expired certificate, the steps for removing the expired certificates:
#Login to Cloudwork Dashboard
+
#Login to Cloudwork Dashboard <br /><br />
#Navigate to Single Sign On
+
#Navigate to Single Sign On <br /><br />
#On the service list, click on the SSO Service which had the certificate renewal
+
#On the service list, click on the SSO Service which had the certificate renewal <br /><br />
#Scroll down to SAML Config and Click '''Edit'''
+
#Scroll down to SAML Config and Click '''Edit''' <br /><br />
#Remove each of the expired Certificates by pressing the red button<br>[[File:Cloudwork_SSO_Cert.PNG]]
+
#Remove each of the expired Certificates by pressing the remove row button [[File:Cloudwork_SSO_Cert.PNG|300px|center|frame|Example Certificates Table in Cloudwork: Expired Certificates are the first and second row ]] <br /><br />
 
#Click submit
 
#Click submit
 +
 +
 +
[[Category:Cloudwork Dashboard]]

Latest revision as of 05:44, 11 August 2021

Single Sign On Service Certificate Renewal

Example XML File, will be used as reference for instructions

The following are the steps required for Single Sign On Service Certificate Renewal.

  1. Login to Cloudwork Dashboard

  2. Navigate to Single Sign On

  3. On the service list, click on the SSO Service which requires the certificate renewal

  4. Scroll down to SAML Config and Click Edit

  5. Scroll down to Certificates and Click Add Row

  6. Open up the XML file received from the SSO Service which requires the certificate renewal

  7. In the XML file, check the Certificate 1 Usage (found in the first KeyDescriptor Tag)

  8. In the Cloudwork Dashboard in the new row select with the checkbox whether Certificate 1 will be used for Signing or Encryption

  9. In XML file, Copy the Certificate 1 Content that is located in between the X509Certificate Tags (The beginning of the certificate is MIIDSTCCA and the end of the certificate is mAKo=)

  10. In the Cloudwork Dashboard in the row which has the checkbox selected, under Content paste the Certificate 1 Content

  11. In the Cloudwork Dashboard Click Add Row

  12. In the XML file, check the Certificate 2 Usage (found in the second KeyDescriptor Tag)

  13. In the Cloudwork Dashboard in the new row select with the checkbox whether Certificate 2 will be used for Signing or Encryption

  14. In XML file, Copy the Certificate 2 Content that is located in between the X509Certificate Tags (The beginning of the certificate is MIIDSTCCA and the end of the certificate is 3wyacFw==)

  15. In the Cloudwork Dashboard in the row which has the checkbox selected, under Content paste the Certificate 2 Content

  16. Take note which certificates are the new certificate, when the expiry date of the old certificate occurs, the old certificates will need to be removed (older certificates are at the top of Certificates Table)

  17. Click Submit


Notes

  • The same certificate can be used for signing and encryption.
  • Some services only have 1 certificate, in this case, ignore steps 11-15.



Removing Certificate

When the SAML SSO Certificate expiry date occurs, it will be necessary to remove the expired certificate, the steps for removing the expired certificates:

  1. Login to Cloudwork Dashboard

  2. Navigate to Single Sign On

  3. On the service list, click on the SSO Service which had the certificate renewal

  4. Scroll down to SAML Config and Click Edit

  5. Remove each of the expired Certificates by pressing the remove row button
    Example Certificates Table in Cloudwork: Expired Certificates are the first and second row


  6. Click submit