Thanks for your help Alex. Yes I'm getting some help at the simpleSAMLphp group. I'm now giving the latest version another go...things are going better this time...will post the solution to my problem when I get there :)
Regards George 2008/10/15 Alex (Google) <[EMAIL PROTECTED]> > > Hi George, > > It looks like you're getting some help over at the simpleSAMLphp > group. > > If you've doublechecked the path to xmlsec is correct, the error > message about xmlsec could indicate that the PHP script is executing > as a user who does not have execute privileges to that path and file. > That user will also need privileges to write and delete the temp file, > wherever that is located. > > -alex > > On Oct 14, 11:14 am, "George Farrugia" <[EMAIL PROTECTED]> wrote: > > Hi > > > > I tried to install a newer version of > > simpleSAMLphp<http://rnd.feide.no/content/installing-simplesamlphp>but > > the process is more complex and it seems that it cannot be installed > > on > > a shared hosting enviornment unless I find a way to set a <VirtualHost> > > in the .htaccess file rather than in httpd.conf file...Is this true? > > > > I also re-tried installing the previous code but yet again I'm getting a > > different error :( This time its about XML : > > > > *Unable to sign XML response. Please ensure that xmlsec is installed, and > > check your keys.* > > Keys should be OK...I installed xmlsec however I'm not sure if the commad > to > > run it is good. I'm using this code: > > > > $cmd = '/home2/gozosemi/keys/libxmlsec/bin/xmlsec sign --privkey-pem ' . > > $privKey . > > ' --pubkey-der ' . $pubKey . ' --output ' . $tempFileName . > > '.out ' . $tempFileName; > > The only thing that I changed is the path in green. > > > > Any ideas please? > > 2008/10/8 George Farrugia <[EMAIL PROTECTED]> > > > > > > > > > Quotes look ok...I think I'll restart afresh...maybe I did something > > > wrong along the way. > > > > > Thanks for your help. > > > > > 2008/10/7 Alex (Google) <[EMAIL PROTECTED]> > > > > >> Hi George, > > > > >> Can you look carefully at the lines with $pubKey and $privKey? Did > > >> you leave out a quote or have an extra quote? If you view your code > > >> in an editor with syntax highlighting it may make it easier to see > > >> where the syntax error is. > > > > >> e.g. > > > > >> $privKey = 'mykey; > > >> $keyType = 'dsa'; > > > > >> -alex > > > > >> On Oct 1, 9:09 am, "George Farrugia" <[EMAIL PROTECTED]> wrote: > > >> > Hi Tony, > > > > >> > Thank you for your insight. > > > > >> > I did that but am still having problems with the code. I am using > > >> > sso-sample-1.0.1-php. If I understood the instructions well, I am > > >> supposed > > >> > to change the following code: > > > > >> > * Stage III: Update the DSA filenames to identify the > locations > > >> of > > >> > * the DSA/RSA keys that digitally sign SAML responses for > your > > >> > * domain. The keys included in the reference implementation > sign > > >> > SAML > > >> > * responses for the psosamldemo.net domain. > > >> > */ > > > > >> > $pubKey = 'keys/DSAPublicKey01.key'; > > >> > $privKey = 'keys/DSAPrivateKey01.pem'; > > >> > $keyType = 'dsa'; > > > > >> > All I think I got is a private key so I set the second line to its > > >> > location....also I'm not sure what key type should be...when I run > the > > >> > demo I get the following error: > > > > >> > *Parse error*: syntax error, unexpected T_STRING in * > > >> > > /mydomain/sso-sample-1.0.1-php/php/SAMLTestTool/process_response.php* on > > >> > line *196* > > >> > Line 196 is $keyType = 'dsa'; > > > > >> > Any help please!!! > > > > >> > 2008/10/1 Tony (Google) <[EMAIL PROTECTED]> > > > > >> > > Hi George, > > > > >> > > You should either upload a public key or certificate to the Google > > >> > > Apps Dashboard. Please store the private key in a secure location > > >> > > where your SSO code can use it to generate signatures for your > SAML > > >> > > responses. > > > > >> > > I hope this helps. > > > > >> > > Thanks, > > > > >> > > --Tony > > > > >> > > On Sep 30, 6:51 am, George <[EMAIL PROTECTED]> wrote: > > >> > > > The problem is on my PC...I managed to do keys and certificate > on an > > >> > > > other PC. However, I'm still not sure if and where I should > upload > > >> the > > >> > > > keys. I uploaded the certificate using Google Apps Dashboard. > > > > >> > > > Any insight will be much appreciated. > > > > >> > > > On Sep 30, 1:21 am, George <[EMAIL PROTECTED]> wrote: > > > > >> > > > > Hi > > > > >> > > > > I'm new to SSO. I've been trying to sort this out for the last > > >> 10hrs > > >> > > > > or so and am getting quite desperate... > > > > >> > > > > I am following the instructions here: > > > > >>http://code.google.com/apis/apps/sso/saml_reference_implementation_we. > > >> > > .. > > > > >> > > > > however, I cannot create the required certifcate as instructed > > >> here: > > > > >> > > > >http://code.google.com/apis/apps/articles/sso-keygen.html > > > > >> > > > > Using openssl I get the following errors: > > > > >> > > > > When creating DSA key: > > >> > > > > OpenSSL> gendsa -out dsaprivkey.pem dsaparam.pem > > >> > > > > : Invalid argument > > >> > > > > 716:error:0200107B:system library:fopen:Unknown > error:.\crypto\bio > > >> > > > > \bss_file.c:35 > > >> > > > > ','rb')('dsaparam.pem > > >> > > > > 716:error:20074002:BIO routines:FILE_CTRL:system > lib:.\crypto\bio > > >> > > > > \bss_file.c:358 > > >> > > > > : > > >> > > > > error in gendsa > > > > >> > > > > and when trying to fill in the certificate: > > > > >> > > > > Country Name (2 letter code) [AU]:mt > > >> > > > > string is too long, it needs to be less than 2 bytes long > > >> > > > > Country Name (2 letter code) [AU]:. > > >> > > > > problems making Certificate Request > > >> > > > > 716:error:0D07A07C:asn1 encoding > > >> routines:ASN1_mbstring_ncopy:illegal > > >> > > > > characters > > >> > > > > :.\crypto\asn1\a_mbstr.c:162: > > >> > > > > error in req > > > > >> > > > > Any help will be much appreciated > > > > >> > > > > thanks > > > > >> > -- > > >> > George > > >> > ____________________________www.isgozo.com > > > > > -- > > > George > > > ____________________________ > > >www.isgozo.com > > > > -- > > George > > ____________________________www.isgozo.com > > > -- George ____________________________ www.isgozo.com --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Apps APIs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/google-apps-apis?hl=en -~----------~----~----~----~------~----~------~--~---
