Enable encrypted SAML responses between ETP and AD FS

To enable communication with encrypted SAML responses, configure both ETP and AD FS. This is an optional configuration.
  1. Configure ETP to send encrypted SAML responses.
  2. Configure AD FS for sending encrypted SAML responses.

Configure ETP to send encrypted SAML responses

Complete this procedure to configure ETP to send encrypted SAML responses.

How to

  1. Return to ETP and open the IdP you created for AD FS.
    1. In the ETP navigation menu, select Identity > Identity Providers.
      Note: If you are trying the new Enterprise Center interface, in the navigation menu, select Identity & Users > Identity Providers.
    2. Click the name of the IdP you created for AD FS.
  2. Under Authentication Configuration settings, select Encrypted SAML Response.
  3. Click Save.

Next steps

  1. Deploy the IdP configuration. For more information, see Deploy configuration changes.
  2. Configure AD FS for sending encrypted SAML responses.

Configure AD FS for sending encrypted SAML responses

Complete this procedure to configure AD FS for sending encrypted SAML responses.

How to

  1. Return to the relying party trust. For example, IDP-RPT.
  2. In AD FS manager, edit the properties of the relying party trust.
  3. On the Encryption tab, click Browse.
  4. Navigate to the certificate file cert.cer.
  5. Click OK.
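
The same change can be scripted and verified from Windows PowerShell on the AD FS server. This is an added example, not part of the original procedure; the certificate path and the minimum key size are assumptions, and IDP-RPT is the example trust name used above.

```powershell
# Added example: scripted equivalent of the AD FS steps above, with checks.
# Run in an elevated Windows PowerShell session on the AD FS server.
$TrustName  = 'IDP-RPT'            # example trust name from the procedure
$CertPath   = 'C:\Temp\cert.cer'   # assumed location of cert.cer
$MinRsaBits = 2048                 # assumed minimum acceptable RSA key size

# Load the public certificate that AD FS will encrypt assertions to.
$fullPath = (Resolve-Path -LiteralPath $CertPath -ErrorAction Stop).ProviderPath
$cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($fullPath)

# Refuse a certificate that is outside its validity period.
$now = Get-Date
if ($now -lt $cert.NotBefore -or $now -gt $cert.NotAfter) {
    throw "Certificate $($cert.Thumbprint) is not valid now ($($cert.NotBefore) to $($cert.NotAfter))."
}

# Local policy check (an assumption of this example): require an RSA key of adequate size.
$rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPublicKey($cert)
if ($null -eq $rsa -or $rsa.KeySize -lt $MinRsaBits) {
    throw "Certificate must carry an RSA public key of at least $MinRsaBits bits."
}

# Attach the certificate to the relying party trust and turn on claim encryption.
Set-AdfsRelyingPartyTrust -TargetName $TrustName -EncryptionCertificate $cert -EncryptClaims $true

# Read the trust back and confirm it encrypts to the certificate that was just loaded.
$rpt = Get-AdfsRelyingPartyTrust -Name $TrustName
if (-not $rpt.EncryptClaims -or $rpt.EncryptionCertificate.Thumbprint -ne $cert.Thumbprint) {
    throw "Relying party trust '$TrustName' is not encrypting to the expected certificate."
}

# Summary for the change record, including the expiry date to track for renewal.
$rpt | Select-Object Name, EncryptClaims, EncryptionCertificateRevocationCheck,
    @{ n = 'EncryptionThumbprint'; e = { $_.EncryptionCertificate.Thumbprint } },
    @{ n = 'EncryptionNotAfter';   e = { $_.EncryptionCertificate.NotAfter } }
```

Compare the reported thumbprint with the certificate's source before relying on the trust, and replace the certificate on the trust before the reported expiry date.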