Installation

Section Topics

Compilation and installation of the OpenID Connect plugin is done per the following instructions:

We will review the installation steps but use the pre-installed virtual machines for the remainder of the course.

Exercises

Exercise 1.2 - Initial configuration

First configuration 

  1. Become root and set the environment variables

    [/opt/shibboleth-idp] sudo -i
    [/opt/shibboleth-idp] source /etc/default/shibboleth-idp
  2. Set your Shibboleth IdP issuer that is used as your OpenID Provider identifier. Use the IP address provided to you by course personnel.

    nano /opt/shibboleth-idp/conf/idp-oidc.properties
    
    # Set the Open ID Connect Issuer value
    idp.oidc.issuer = https://xx.xx.xx.xx
    
    
  3. Verify the necessary keys. The necessary cryptographic keys are automatically created for you. In actual use you must create your own set of keys. Use https://IP_ADDRESS/idp/profile/oidc/keyset to view the keys in use.

  4. Verify the logging level for the OpenID extension. More detailed options are available in the extension wiki.

    nano +40 /opt/shibboleth-idp/conf/logback.xml 
    
        <!-- =========================================================== -->
        <!-- ============== Logging Categories and Levels ============== -->
        <!-- =========================================================== -->
    
        <logger name="org.geant" level="ALL"/>
    
    
  5. Restart the IdP to apply the configured settings.

    [root@gn43-oidcshibop-devel vagrant]# systemctl stop shibboleth-idp
    [root@gn43-oidcshibop-devel vagrant]# systemctl start shibboleth-idp
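
A sanity check for the keyset viewed in step 3, as an added example that is not part of the original exercise or the plugin's own code. It assumes the keyset URL returns a standard JWK Set (RFC 7517); `audit_jwks`, the 2048-bit floor and the sample keys are constructed for illustration.

```python
import base64
import json

def _b64u(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

# Constructed sample JWK Set (not output from a real IdP). The second key is
# deliberately bad: it carries a private exponent "d" and a 1024-bit modulus.
SAMPLE_JWKS = json.dumps({"keys": [
    {"kty": "RSA", "use": "sig", "kid": "constructed-rsa-1", "e": "AQAB",
     "n": _b64u(b"\xc3" + b"\x11" * 255)},
    {"kty": "RSA", "use": "sig", "kid": "constructed-rsa-2", "e": "AQAB",
     "n": _b64u(b"\xc3" + b"\x11" * 127), "d": _b64u(b"\x01" * 128)},
    {"kty": "EC", "use": "sig", "kid": "constructed-ec-1", "crv": "P-256",
     "x": _b64u(b"\x02" * 32), "y": _b64u(b"\x03" * 32)},
]})

# Private or symmetric JWK members (RFC 7518) that must never be published.
PRIVATE_MEMBERS = {"d", "p", "q", "dp", "dq", "qi", "k"}
MIN_RSA_BITS = 2048  # assumed policy floor for this example

def _rsa_bits(n_b64u):
    raw = base64.urlsafe_b64decode(n_b64u + "=" * (-len(n_b64u) % 4))
    return int.from_bytes(raw, "big").bit_length()

def audit_jwks(text):
    """Return (kid, finding) tuples for problems in a published JWK Set."""
    keys = json.loads(text).get("keys")
    if not isinstance(keys, list) or not keys:
        return [(None, "document has no 'keys' array")]
    findings, seen = [], set()
    for key in keys:
        kid = key.get("kid")
        if not kid:
            findings.append((kid, "missing kid"))
        elif kid in seen:
            findings.append((kid, "duplicate kid"))
        seen.add(kid)
        leaked = sorted(PRIVATE_MEMBERS.intersection(key))
        if leaked:
            findings.append((kid, "private members published: " + ",".join(leaked)))
        if key.get("kty") == "RSA" and _rsa_bits(key.get("n", "")) < MIN_RSA_BITS:
            findings.append((kid, "RSA modulus shorter than %d bits" % MIN_RSA_BITS))
    return findings

if __name__ == "__main__":
    for kid, finding in audit_jwks(SAMPLE_JWKS):
        print(kid, "-", finding)
```

To check your own IdP, save the JSON shown at the keyset URL to a file and pass its contents to `audit_jwks`; an empty result means none of these checks fired.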