To Enable ID-FF XML Signing

1. Login to the console as the top-level administrator.

2. Select the Configuration tab, select Global, and then Liberty ID-FF Service Configuration.

3. Select YES for the XML Signing On attribute and save the configuration.

4. Go to the Federation tab and select the service provider and/or identity provider that needs to be enabled.

5. Under the Common Attributes section, make sure a signing certificate alias is chosen for the provider. Otherwise, you must enter your certification alias.

   If the certificate alias is added or changed, you need to send the new metadata (to be exported using ssoadm CLI) to the remote party to update its metadata.

6. Click Save.

7. Restart the server.