Sign Up ›
  • sf_eliot
  • NEWBIE
  • 0 Points
  • Member since 2010
  • Chatter
    Feed
  • 0
    Best Answers
  • 0
    Likes Received
  • 0
    Likes Given
  • 2
    Questions
  • 1
    Replies
2 replies

Salesforce as Identity Provider - Logging Saml Transaction

I am trying to use the "Identity Provider" operations in Salesforce to connect to another service provider and am having some issues.  There are Identity Provider Error Log functions provided under the Manage Users menu, but I cannot seem to get these to work.  Is there any way of logging and reviewing the outgoing SAML transaction so that I can verify what is being provided to the remote service provider?

 

2 replies

Third Party Web Service Calls with PEM Certificate

I are trying to make web service calls from APEX code to a third-party web service.   The third-party has provided a certificate in the PEM format.  A test application, written outside of Salesforce, verfies that the web services are accessable with the provided certificate.  When re-coded to work inside the APEX, the HttpRequest is denied due to certificate issues.

 

I have discovered two mechanisms for aligning the certificate with the outgoing message.

 

1.  Salesforce provides "Certficate and Key Management."  Download an unsigned key from Salesforce, sign it, upload it.  Unfortunately, I cannot sign on behalf of the third party, and if I switch the certificates and upload the signed one, Salesforce is quick to identifiy that a switch has taken place and terminates the process.

 

2. Hard code the certificate into the request with the deprecated call "setClientCertificate".  This seems to have no effect.   I speculate that it will only work with a PKCS#12 certificate.  I have a PEM key.

 

I must be missing a step in the process, so any help would be appreciated.

 

 

2 replies

Third Party Web Service Calls with PEM Certificate

I are trying to make web service calls from APEX code to a third-party web service.   The third-party has provided a certificate in the PEM format.  A test application, written outside of Salesforce, verfies that the web services are accessable with the provided certificate.  When re-coded to work inside the APEX, the HttpRequest is denied due to certificate issues.

 

I have discovered two mechanisms for aligning the certificate with the outgoing message.

 

1.  Salesforce provides "Certficate and Key Management."  Download an unsigned key from Salesforce, sign it, upload it.  Unfortunately, I cannot sign on behalf of the third party, and if I switch the certificates and upload the signed one, Salesforce is quick to identifiy that a switch has taken place and terminates the process.

 

2. Hard code the certificate into the request with the deprecated call "setClientCertificate".  This seems to have no effect.   I speculate that it will only work with a PKCS#12 certificate.  I have a PEM key.

 

I must be missing a step in the process, so any help would be appreciated.