Multi provider SSO

Neeraj Sharma10 · ‎12-28-2017

Hello experts,

Can anyone help me in understanding what is the significance of Signing/Encryption Key Alias and

Signing/Encryption Key Password in Identity Provider.

I can see the value OOB present in servicenow.

How can we change its value and what is the impact?

corina · ‎12-28-2017

Hello Neeraj.

They represent the following:

Signing/Encryption Key Alias	Enter the alias of the key entry stored in SAML 2.0 SP Keystore.
Signing Key Password	Enter the password of the key entry stored in SAML 2.0 SP Keystore.

Create a SAML 2.0 update 1 SSO configuration for Multi-SSO

By default their value is saml2sp for both alias and password.

You can create your own keystore:

Create a service provider keystore for SAML

Should you choose to do so , I would recommend to update the sys_id here:

https://yourinstance.service-now.com/nav_to.do?uri=sys_properties.do?sys_id=e29b4a13670102009466f1d5...

( sys property glide.authenticate.sso.saml2.keystore)

Neeraj Sharma10 · ‎01-04-2018

Hello Corina,

Thanks for your response,

After reading the above I have couple of doubts in my mind!

Whar is impact of changing of

Signing/Encryption Key Alias and

Signing/Encryption Key Password in Adfs authenication.

Where can we provide the level of security OOB provide?

and I am not able find find (sys property glide.authenticate.sso.saml2.keystore) in our system! Version is Jakarta.

Thanks
Neeraj Sharma

corina · ‎01-05-2018

Hello Neeraj.

I can see lks answered here.

About the property, for the time being you can ignore it.

Neeraj Sharma10 · ‎01-08-2018

Hi Corina,

Thanks for your reply.

Yes He answered but there are few more thing which i need to understand.

As, I am new to ADFS and multiprovider module SSO of servicenow, I dn't know this makes sense or not..
but if We have not enabled "Sign AuthnRequest" checkbox in our instance that means we do not require Signing/Encryption Key Alias and java keystore certificate related to that?

Thanks

Neeraj