UPDATE ......From Tuesday 8 April 2025 we have changed the way that Single Sign-on works on this wiki. Please see here for more information:
Update
...
- Follow the instructions provided by pyFF Documentation to install pyFF software.
- Create the needed directories:
cd /opt/pyff ; mkdir output ; mkdir certs ; mkdir scripts - Create the certificate and the key needed to sign the output metadata:
- Generate Metadata Signer Key:openssl genrsa -out /opt/pyff/certs/sign.key 2048
- Generate Metadata Signer Certificate:openssl req -key /opt/pyff/certs/sign.key -new -x509 -days 3650 -out /opt/pyff/certs/sign.crt - Download and Check the eduGAIN Signer certificate:
wget wget https://wwwtechnical.edugain.org/mds-2014v2.cer -O /opt/pyff/certs/eduGAIN-signer-ca.pem - Check the signature of the eduGAIN signer certificate:
openssl x509 -fingerprint -in /opt/pyff/certs/eduGAIN-signer-ca.pemThe SHA1 Fingerprint should be 8B:81:7A:0C:F3:F8:35:2F:85:91:9F:11:37:14:3F:98:91:8C:F8:34 - Create the interfederation configuration file(
/opt/pyff/interfederation.fd) by adapting this content to your needs:
...