Deployment Example 2: Federation Using SAML v2

7.1 Creating a Circle of Trust

When you create metadata for the Service Provider, the Service Provider entity is added to a circle of trust. A circle of trust is used to group Service Providers and Identity Providers in a secure, trusted environment. Other remote provider entities can be added to the circle of trust. Whenever the SAMLv2 protocol is initiated, the SAMLv2 plug-in determines which circle of trust the requesting entity belongs to, and what other providers are available to interact with it. All entities within the same circle of trust can participate in the SAMLv2 protocols.

Procedure: To Create a Circle of Trust

  1. As a root user, log into the Federation Manager 1 host.

  2. Run the cotcreate command:


    # /opt/SUNWam/saml2/bin/saml2meta -i /var/opt/SUNWam/fm/war_staging cotcreate -u amadmin -w 11111111 -t saml2_circle_of_trust
    Circle of trust "saml2_circle_of_trust" is created successfully.
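The paragraph at the top of this section describes two decisions the SAMLv2 plug-in makes on every request: which circle of trust the requesting entity belongs to, and which other providers are available to interact with it. The following Python model, an added example that is not Federation Manager code, makes that trust boundary explicit: cotcreate must produce a unique name, entities are added to an existing circle, and a provider can only federate with counterparts that share a circle with it. The entity IDs and the second circle ("partner_cot") are constructed for illustration, and the model assumes an entity may be a member of more than one circle, which the page text does not state.

```python
"""Toy model of circle-of-trust (COT) resolution for a SAMLv2 deployment.

Constructed example, not Federation Manager's own code. Entity IDs and the
"partner_cot" circle are made up; "saml2_circle_of_trust" is the name used
on the page.
"""
from dataclasses import dataclass, field


@dataclass
class Provider:
    entity_id: str
    role: str                               # "SP" or "IDP"
    cots: set = field(default_factory=set)  # circles this entity was added to


class CircleOfTrustRegistry:
    """Tracks which provider entities belong to which circle of trust."""

    def __init__(self):
        self._cots = {}       # cot name -> set of entity IDs
        self._providers = {}  # entity ID -> Provider

    def cotcreate(self, cot_name):
        # Like 'saml2meta cotcreate': a circle of trust name must be unique.
        if cot_name in self._cots:
            raise ValueError(f'circle of trust "{cot_name}" already exists')
        self._cots[cot_name] = set()

    def add_entity(self, entity_id, role, cot_name):
        # An entity is added to an existing circle with a fixed role.
        if role not in ("SP", "IDP"):
            raise ValueError(f"unknown role {role!r}")
        if cot_name not in self._cots:
            raise KeyError(f'circle of trust "{cot_name}" does not exist')
        provider = self._providers.setdefault(entity_id, Provider(entity_id, role))
        if provider.role != role:
            raise ValueError(f"{entity_id} is already registered as {provider.role}")
        provider.cots.add(cot_name)
        self._cots[cot_name].add(entity_id)

    def circles_of(self, entity_id):
        # First decision: which circle(s) of trust does the requester belong to?
        provider = self._providers.get(entity_id)
        if provider is None:
            raise PermissionError(f"{entity_id} is not a known provider entity")
        if not provider.cots:
            raise PermissionError(f"{entity_id} is not in any circle of trust")
        return set(provider.cots)

    def partners(self, entity_id):
        # Second decision: which other providers may interact with it?
        # Only providers of the opposite role that share at least one circle.
        circles = self.circles_of(entity_id)
        wanted = "IDP" if self._providers[entity_id].role == "SP" else "SP"
        peers = set()
        for cot in circles:
            for other_id in self._cots[cot]:
                other = self._providers[other_id]
                if other_id != entity_id and other.role == wanted:
                    peers.add(other_id)
        return sorted(peers)

    def can_federate(self, requester, counterpart):
        # An unknown requester, or one outside every circle, is refused.
        try:
            return counterpart in self.partners(requester)
        except PermissionError:
            return False


def duplicate_cotcreate_rejected(registry, cot_name):
    """True if creating an already-existing circle is refused."""
    try:
        registry.cotcreate(cot_name)
    except ValueError:
        return True
    return False


def build_sample_registry():
    """Constructed sample: the page's circle plus a made-up partner circle."""
    reg = CircleOfTrustRegistry()
    reg.cotcreate("saml2_circle_of_trust")  # name from the page
    reg.cotcreate("partner_cot")            # constructed
    reg.add_entity("https://sp.example.com", "SP", "saml2_circle_of_trust")
    reg.add_entity("https://idp.example.com", "IDP", "saml2_circle_of_trust")
    reg.add_entity("https://idp.example.com", "IDP", "partner_cot")  # same IdP in both
    reg.add_entity("https://sp.partner.example", "SP", "partner_cot")
    reg.add_entity("https://idp.partner.example", "IDP", "partner_cot")
    return reg


if __name__ == "__main__":
    reg = build_sample_registry()
    for sp in ("https://sp.example.com", "https://sp.partner.example"):
        print(sp, "->", reg.partners(sp))
    print("cross-circle request allowed:",
          reg.can_federate("https://sp.example.com", "https://idp.partner.example"))
```

The useful check is the last one: the SP in the page's circle cannot reach the IdP that lives only in the partner circle, even though both are registered entities, because trust is granted by shared circle membership rather than by mere registration.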