Copy link to clipboard
Copied
I am playing around with the the SAML SP and IdP configurations in CF2021. I am using CF as both IdP and SP.
When I call initSAMLAuthRequest() I receive the following error:
I assume this error is related to the IdP certificate. This certificate is a self-signed certficate that was generated with the following command:
I used the Manual IdP configuration option and pasted the contents of idp.key into the Signing Certificate box without the ----BEGIN|END PRIVATE KEY----- bits. It looks like MIIJQg....Tnw==
If I leave the -----BEGIN PRIVATE KEY----- bits in there then then I receive an error saying "The input string is not base64 encoded. Cannot decode string '-----BEGIN PRIVATE KEY-----MIIJQg...'"
I have not had much luck finding examples of Manual IdP configuration or requirements for certificates. Do I need to import these certificates into the CFAS JKS files? Is there something missing or wrong with how I am generating this certficate?
Any hints?
Answering my own question:
The next issue I encountered was a password incorrect issue when ColdFusion was trying to access the PKCS12/PFX file to get the SAML SP key pair. This was resolved by updating Java in my docker container from the default 11.0.11 that came with the official adobecoldfusion/coldfusion2021:latest image to the current 11.0.22 downloaded from https://helpx.adobe.com/coldfusion/kb/coldfusion-downloads.html
...Copy link to clipboard
Copied
Answering my own question:
The next issue I encountered was a password incorrect issue when ColdFusion was trying to access the PKCS12/PFX file to get the SAML SP key pair. This was resolved by updating Java in my docker container from the default 11.0.11 that came with the official adobecoldfusion/coldfusion2021:latest image to the current 11.0.22 downloaded from https://helpx.adobe.com/coldfusion/kb/coldfusion-downloads.html.
I used the following commands to update my CFAS container:
wget -nc https://cfdownload.adobe.com/pub/adobe/coldfusion/java/java11/java11022/jdk-11.0.22_linux-x64_bin.de...
docker cp jdk-11.0.22_linux-x64_bin.deb cfas:/opt
docker exec -itu0 cfas dpkg --install /opt/jdk-11.0.22_linux-x64_bin.deb
docker exec -itu0 cfas sed -i "/java.home=/c\java.home=/usr/lib/jvm/jdk-11-oracle-x64" /opt/coldfusion/cfusion/bin/jvm.config
docker exec -itu0 cfas rm /opt/jdk-11.0.22_linux-x64_bin.deb
docker restart cfas