4.0
You are viewing documentation for an older version of Lenses.io View latest documentation here
Keystore
Enable SAML single-sign on by creating a keystore.
- SAML needs a keystore with a generated key-pair.
- SAML uses the key-pair to encrypt its communication with the IdP.
Create a keystore
Use the Java keytool to create one.
keytool \
-genkeypair \
-storetype pkcs12 \
-keystore lenses.p12 \
-storepass my_password \
-alias lenses \
-keypass my_password \
-keyalg RSA \
-keysize 2048 \
-validity 10000
| Setting | Definition |
|---|---|
| storetype | The type of keystore (pkcs12 is industry standard, but jks also supported) |
| keystore | The filename of the keystore |
| storepass | The password of the keystore |
| alias | The name of the key-pair |
| keypass | The password of the key-pair (must be same as storepass for pkcs12 stores) |
Add to configuration
Reference the keystore file’s path and put the password info in the security.conf configuration file.
lenses.security.saml.keystore.location = "/path/to/lenses.p12"
lenses.security.saml.keystore.password = "my_password"
lenses.security.saml.key.password = "my_password"
See all SSO options .