This space contains the old OpenAthens SP documentation and is no longer maintained.
OpenAthens SP software is already out of support and reached end of life in May 2020.

Check out OpenAthens Keystone instead. It's supercool and makes dealing with SAML much easier.

Search

Skip to end of metadata
Go to start of metadata

The following uses the cross platform open-source Keystore Explorer (http://www.keystore-explorer.org/). Other tools are available.

Create a self-signed certificate in Keystore Explorer

  • Select "Create a new KeyStore"
  • Select JKS and then click OK
  • From the Tools menu select Generate Key Pair (or press CTRL+G)
  • Choose RSA with a keysize of 2048 and click OK
  • Click the book icon next to Name field and fill in Common Name (CN) with your application name and Organization Name (O) with your application host name
  • Click OK and then OK
  • Set the alias to "1" (no quotes)
  • When prompted for a new password just click OK
  • Hopefully you'll see a message saying creation successful
  • Select File -> Save
  • When prompted for password just click OK
  • Save as atacamaKeystore.jks
  • Double click on the newly created key pair
  • Click the PEM button bottom right
  • Copy the PEM including the BEGIN/END CERTIFICATE lines (you will paste it into the dashboard)
  • Move the created keystore to your classpath.

Return to Java installation

Use an existing certificate pair 

When you already have a key pair to use, e.g. if you are upgrading from another type of SAML software such as Shibboleth.

First get your public and private keys ready as separate files, then in Keystore Explorer...

  • Select "Create a new KeyStore"
  • Select JKS and then click OK
  • Tools > Import key pair
  • Select the type you are importing from (usually OpenSSL)
  • Import the files, decrypting as necessary
  • Set the alias to "1" (no quotes)
  • When prompted for a new password just click OK
  • Hopefully you'll see a message saying creation successful
  • Select File -> Save
  • When prompted for password just click OK
  • Save as atacamaKeystore.jks
  • Double click on the newly created key pair
  • Click the PEM button bottom right
  • Copy the PEM including the BEGIN/END CERTIFICATE lines (you will paste it into the dashboard)
  • Move the created keystore to your classpath.

 

Return to Java installation

  • No labels