Variable | SAML_ALTERNATIVE_IDP_CERTIFICATE | |
Description | Provides an alternative certificate for authentication |
This variable is used to provide an alternative certificate for authentication, which useful for certificate rotation: see Certificate Rotation.
The certificate must be in PEM format (see Privacy-Enhanced Mail).
ini
AUTHENTICATION_METHOD=saml
PUBLIC_URL=$YOUR_SERVER_BASE_URL
SAML_IDP_SIGN_ON_URL=$IDP_SIGNON_URL
SAML_IDP_ENTITY_ID=$IDP_ENTITY_ID
SAML_IDP_CERTIFICATE=$PATH_TO_PEM
SAML_ALTERNATIVE_IDP_CERTIFICATE=$PATH_TO_PEM
AUTO_CREATE_USER_ON_SUCCESSFUL_LOGIN=true
$PATH_TO_PEM
might be
/home/humio/GoogleIDPCertificate-humio.com.pem
.
See also SAML_IDP_SIGN_ON_URL
.