Hi, You should create the certificates using the openssl command, here is an example: http://www.madboa.com/geek/openssl/
I recomend you to try our PHP Sample: http://google-apps-sso-sample.googlecode.com/files/samltool_php.zip If you follow up the code of process_response.php, you can see how a response is generated and signed using xmlsec1. Please let me know if you need more details on this. Julian. On Mar 4, 4:34 am, SSO <[EMAIL PROTECTED]> wrote: > I already gone through these links, but i need some real > time explanation, which might be help me more.i need little more > explanation on this. > > Thanks, > > On Mar 1, 4:05 pm, "Takashi Matsuo" <[EMAIL PROTECTED]> wrote: > > > Hello, > > > This example might be more suitable for you. This is a PHP > > sample.http://code.google.com/p/google-apps-sso-sample/downloads/list > > > Regards, > > > On Sat, Mar 1, 2008 at 7:51 PM, Takashi Matsuo <[EMAIL PROTECTED]> wrote: > > > Hello, > > > > I hope I understand you correctly... > > > > There is a reference implementation in the URL bellow. > > > http://code.google.com/apis/apps/sso/saml_reference_implementation_we... > > > > I hope this implementation will help you. > > > > Regards, > > > > -- matsuo > > > > On Sat, Mar 1, 2008 at 5:56 PM, SSO <[EMAIL PROTECTED]> wrote: > > > > > Hello, > > > > Matsuo, I got this from google search, > > > > ""How does the verification certificate work? > > > > > The certificate file will be an X.509 formatted certificate with an > > > > embedded public key. The public key can use either the DSA or RSA > > > > algorithms. Google uses this key to verify the origination (i.e. Did > > > > the SSO assertion come from you?) and integrity (i.e. Was the > > > > assertion modified during transmission?) of the SAML response you send > > > > to us. > > > > > It is important to match the embedded public key in the X.509 > > > > certificate with the private key you use to sign the SAML Response. > > > > > While we don't currently support a best practice for admins without > > > > existing certificates, X509 certificates generation can be > > > > accomplished using the openssl command. More information"" > > > > > do you know to do integration and to create SAML response? Please > > > > advise me on this > > > > > On Mar 1, 12:02 pm, "Takashi Matsuo" <[EMAIL PROTECTED]> wrote: > > > > > Hi, > > > > > > On Sat, Mar 1, 2008 at 1:05 PM, SSO <[EMAIL PROTECTED]> wrote: > > > > > > > Hi Matsuo, > > > > > > Thanks for your reply. Need 3 things, > > > > > > 1) I have seen that we have to upload public key.then where to > > > place > > > > > > private keys? > > > > > > You can place it in any safety place you like. > > > > > > > 2) Shall i create keys in one machine ane upload that in another > > > > > > machine? > > > > > > I don't think you shall do that. But probably you can do that. > > > > > > > 3) Is there any php tool to create certificate in easy way? > > > > > > There must be openssl php library, and probably you can create > > > > > certificate with it. > > > > > But I think the way I had shown in the former e-mail is easy > > > enough... > > > > > > Regards, > > > > > > -- matsuo > > > > > > > On Feb 29, 6:28 pm, "Takashi Matsuo" <[EMAIL PROTECTED]> wrote: > > > > > > > Hello, > > > > > > > > I always use openssl to generate key pair like following. > > > > > > > > # openssl genrsa -des3 -out privkey.pem 2048 > > > > > > > # openssl rsa -in privkey.pem -out privkey-nopass.pem > > > > > > > # openssl rsa -in privkey-nopass.pem -pubout -outform DER -out > > > publickey.der > > > > > > > > I hope this helps. > > > > > > > > -- matsuo > > > > > > > > On Fri, Feb 29, 2008 at 10:08 PM, SSO <[EMAIL PROTECTED]> wrote: > > > > > > > > > Hello, > > > > > > > > Please explain me step by step process on > > > creating sso > > > > > > > > verification certificate using openssh. > > > > > > > > What are the details we have to pass to the (priv > > > and > > > > > > > > public)keys?Shall i create certificate on one > > > machine(linux) and use > > > > > > > > it on another machine(windows)? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Apps APIs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/google-apps-apis?hl=en -~----------~----~----~----~------~----~------~--~---
