SimpleSAMLphp in Drupal is great, but documentation around a secure setup is lacking. So, here's that.
tldr;
- Set a `SIMPLESAMLPHP_CONFIG_DIR` environment variable to point to a committed config directory (typically, I set it to `config/simplesaml/config`).
- In that config directory, copy the appropriate template config files, with the sensitive data set to read from environment variables (e.g. replace the original `saml20-idp-remote.php` hash value with `getenv('SIMEPLE_SAML_METADATA_CERT_KEY')`).
- Supply the uncommitted `saml.crt` and `saml.pem` SSL certs to the certdir configured in `config/simplesamlphp/config/config.php`.
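
One way to check this setup before deploying, as an added example that is not part of the original post: the hypothetical `check_saml_config` function fails if the committed config directory contains private key material, or if a variable the config reads with `getenv()` is unset or empty. It assumes a POSIX shell with `grep -o`, `find` and `printenv` available.

```sh
# Added example (not from the original post): pre-deploy check for the
# committed SimpleSAMLphp config directory. check_saml_config is a
# hypothetical name.
# Usage: check_saml_config "$SIMPLESAMLPHP_CONFIG_DIR"
# Returns 0 = ok, 1 = finding, 2 = config directory missing.
check_saml_config() {
    dir="${1:-${SIMPLESAMLPHP_CONFIG_DIR:-}}"
    rc=0
    if [ -z "$dir" ] || [ ! -d "$dir" ]; then
        echo "FAIL: config directory not set or missing: '$dir'" >&2
        return 2
    fi

    # 1. The committed directory must not contain private key material.
    leaked=$(grep -rlE -e '-----BEGIN [A-Z ]*PRIVATE KEY-----' -- "$dir" || true)
    if [ -n "$leaked" ]; then
        echo "FAIL: private key material found in committed config:" >&2
        echo "$leaked" >&2
        rc=1
    fi

    # 2. Every NAME read via getenv('NAME') in the PHP config must be exported
    #    and non-empty; PHP's getenv() returns false for an unset variable.
    #    Names are limited to identifier characters by the regex below.
    names=$(find "$dir" -type f -name '*.php' \
                -exec grep -hoE "getenv\(['\"][A-Za-z_][A-Za-z0-9_]*['\"]" {} + \
            | sed -E "s/^getenv\(['\"]//; s/['\"]\$//" | sort -u) || true
    for name in $names; do
        val=$(printenv "$name" || true)
        if [ -z "$val" ]; then
            echo "FAIL: $name is read by the config but is not set" >&2
            rc=1
        fi
    done

    if [ "$rc" -eq 0 ]; then
        echo "OK: $dir"
    fi
    return "$rc"
}
```

Run it in the same environment PHP runs in (the same container or service unit), since it can only see the variables exported there.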