Hi Jay,

The steps in the article should work for the PHP sample also. Are these the steps you executed?

openssl dsaparam -out dsaparam.pem 1024
openssl gendsa -out dsaprivkey.pem dsaparam.pem
openssl dsa -in dsaprivkey.pem -outform DER -pubout -out dsapubkey.der
openssl pkcs8 -topk8 -inform PEM -outform DER -in dsaprivkey.pem -out dsaprivkey.der -nocrypt
openssl req -new -x509 -key dsaprivkey.pem -out dsacert.pem
xmlsec1 sign --privkey-pem dsaprivkey.pem --pubkey-der dsapubkey.der --output out.xml in.xml

(in.xml and out.xml would be the SAMLResponse before and after signing)

-alex

On Nov 19, 3:35 pm, Jay Lee <[EMAIL PROTECTED]> wrote:
> I'm attempting to set up SSO for my Google Apps domain with the
> ultimate goal of allowing users to log in with their existing LDAP
> passwords (accounts will be provisioned using the provisioning API).
> I managed to get the PHP Reference Implementation working to a degree
> for the psosamldemo.net domain by adapting the instructions at:
>
> http://code.google.com/apis/apps/sso/saml_reference_implementation_we...
>
> to the PHP code instead of the Java (I chose the PHP code because I
> know PHP much better than Java). So I can manage the login to
> psosamldemo.net and I can add my custom code to the login() function
> so that the username/password entered only works if it exists in my
> LDAP tree. Things fall apart though at stage 3 when I try to switch
> things over to my own domain.
>
> First off, the PHP sample code ships with a .key dsa public file and
> private .pem file for psosamldemo.net. I'm attempting to generate my
> own certificates using OpenSSL, however the docs at:
>
> http://code.google.com/support/bin/answer.py?answer=71864&topic=12142...
>
> only describe how to generate a .pem or .der private key and a .der
> public key, nothing about generating the public .key file and I can't
> seem to get xmlsec to take the .der or .pem files. It errors out
> with:
>
> func=xmlSecOpenSSLAppKeyLoadBIO:file=app.c:line=262:obj=unknown:subj=d2i_PrivateKey_bio
> and d2i_PUBKEY_bio:error=4:crypto library function failed:
> func=xmlSecOpenSSLAppKeyLoad:file=app.c:line=143:obj=unknown:subj=xmlSecOpenSSLAppKeyLoadBIO:error=1:xmlsec
> library function failed:filename=dsaprivkey.der;errno=0
> func=xmlSecAppCryptoSimpleKeysMngrKeyAndCertsLoad:file=crypto.c:line=118:obj=unknown:subj=xmlSecCryptoAppKeyLoad:error=1:xmlsec
> library function failed:uri=dsaprivkey.der
> Error: failed to load private key from "dsaprivkey.der".
> Error: keys manager creation failed
>
> So my question is really, how can I get OpenSSL to generate the
> private .pem file and the public .key file? Any other tips here would
> be much appreciated.
>
> Thanks,
>
> Jay Lee
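
Added example, not part of the original thread or of Google's sample code: a Python check that reports whether a key file is PEM or DER and which ASN.1 structure it holds, so each file produced by the openssl steps above can be compared with the format of the xmlsec1 option it is passed under. The function names and the sample bytes are constructed for illustration; the samples only reuse the thread's file names and contain toy integers, not real keys.

```python
import base64
import re

def _tlv(buf, pos):
    """Read one DER element at pos; return (tag, value_start, value_end)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long-form length: low 7 bits give the byte count
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return tag, pos, pos + length

def classify(data):
    """Return (encoding, structure) for the raw bytes of a key file."""
    pem = re.search(rb"-----BEGIN ([A-Z0-9 ]+)-----(.*?)-----END \1-----", data, re.S)
    try:
        der = base64.b64decode(pem.group(2)) if pem else data
        tag, start, _ = _tlv(der, 0)
        if tag != 0x30:
            raise ValueError("outer element is not a SEQUENCE")
        first, fstart, fend = _tlv(der, start)
        nxt = _tlv(der, fend)[0]
        if first == 0x02:  # version INTEGER first: unencrypted private key
            kind = "PKCS#8 PrivateKeyInfo" if nxt == 0x30 else "traditional private key"
        elif first == 0x30 and _tlv(der, fstart)[0] == 0x06:  # AlgorithmIdentifier first
            kind = {0x03: "SubjectPublicKeyInfo", 0x04: "encrypted PKCS#8"}.get(nxt, "other")
        else:
            kind = "other (for example a certificate)"
        return ("PEM" if pem else "DER"), kind
    except (ValueError, IndexError):
        return "unknown", "unknown"

def _der(tag, body):
    return bytes([tag, len(body)]) + body  # short-form lengths only

def constructed_samples():
    """Toy structures built for this example (small integers, not real keys)."""
    alg = _der(0x30, _der(0x06, bytes.fromhex("2a8648ce380401")))  # OID id-dsa
    zero, num = _der(0x02, b"\x00"), _der(0x02, b"\x07")
    b64 = base64.encodebytes(_der(0x30, zero + num * 5))  # traditional form assumed
    return {
        "dsapubkey.der": _der(0x30, alg + _der(0x03, b"\x00" + num)),
        "dsaprivkey.der": _der(0x30, zero + alg + _der(0x04, num)),
        "dsaprivkey.pem": b"-----BEGIN DSA PRIVATE KEY-----\n" + b64 + b"-----END DSA PRIVATE KEY-----\n",
    }

if __name__ == "__main__":
    print({name: classify(blob) for name, blob in constructed_samples().items()})
```

On real files, pass `open(path, "rb").read()` to `classify`; a result of `("unknown", "unknown")` means the file is neither a PEM block nor a well-formed DER SEQUENCE.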
