News‎ > ‎

ProtectNetwork Makes SAML ECP Generally Available

posted Sep 6, 2011, 12:06 PM by Jim Basney
Recently CILogon announced support for SAML ECP, which allows users to authenticate and obtain a certificate on the command-line, completely outside the web browser. However, since SAML ECP is not (yet) widely adopted by InCommon members, it was not generally available -- until now. InCommon member ProtectNetwork now supports SAML ECP, so anyone can sign up for a ProtectNetwork account and obtain certificates from CILogon on the command-line. For example:

$ curl -sO
$ perl --get cert -c create -k userkey.pem -o usercert.pem -t 12
Select an Identity Provider (IdP):
  1> CILogon Test IdP
  2> LTER Network
  3> ProtectNetwork
  4> University of Chicago
  5> University of Washington
  6> Specify the URL of another IdP

Choose [1]: 3
Enter a username for the Identity Provider: jbasney
Enter a password for the Identity Provider: ********
$ openssl x509 -subject -noout < usercert.pem
subject= /DC=org/DC=cilogon/C=US/O=ProtectNetwork/CN=Jim Basney A685