Prerequisites
- Verify whether the identity
provider used by your organization is supported by Cisco Content Security
Management Appliance. The following are the supported identity providers:
-
Microsoft Active Directory Federation Services (AD FS) 2.0
-
Ping Identity PingFederate 7.2
-
Cisco Web Security Appliance 9.1
-
-
Obtain the following certificates that are required to secure the communication between your appliance and the identity provider:
-
If you want your appliance to sign SAML authentication requests or if want your identity provider to encrypt SAML assertions, obtain a self signed certificate or a certificate from a trusted CA and the associated private key.
-
If you want the identity provider to sign SAML assertions, obtain the identity provider’s certificate. Your appliance will use this certificate to verify the signed SAML assertions.
-