AD FS certificates

Brian Stringfellow 6 Reputation points
2021-09-03T17:30:29.697+00:00

Hello,
I am trying to set up single sign-on with Zabbix. The part I am stuck on is importing the certificates:

To use SAML authentication Zabbix should be configured in the following way:

  1. Private key and certificate should be stored in the ui/conf/certs/, unless custom paths are provided in zabbix.conf.php.

By default, Zabbix will look in the following locations:

ui/conf/certs/sp.key - SP private key file
ui/conf/certs/sp.crt - SP cert file
ui/conf/certs/idp.crt - IDP cert file

How do I get these certificates from AD FS?
Thank you

Active Directory Federation Services
Active Directory Federation Services
An Active Directory technology that provides single-sign-on functionality by securely sharing digital identity and entitlement rights across security and enterprise boundaries.
1,215 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Pierre Audonnet - MSFT 10,166 Reputation points Microsoft Employee
    2021-09-07T17:45:27.64+00:00

    For these two it is up to the SP owner to provide them.

    ui/conf/certs/sp.key - SP private key file
    ui/conf/certs/sp.crt - SP cert file

    This one in in the federation metadata:

    ui/conf/certs/idp.crt - IDP cert file

    URL is https://<adfs URL>/FederationMetadata/2007-06/FederationMetadata.xml it is in base64 within the file.

    0 comments No comments