3. How do I install Shibboleth SP for IIS?
First download the appropriate 32-bit or 64-bit .msi Shibboleth SP installer from the Internet2 downloads site.
Double-click the MSI file that you downloaded, and the installer will show the following dialogue:
Click Next and the following dialogue box will be shown:
Select I accept the license agreement and click Next to see an Information screen.
Read the text if you are not familiar with what the installer will be doing, and click Next to show the Destination Folder screen.
It is recommended that you accept the default destination folder. Click Next to show the Shibd Service screen.
Ensure that the Install Shibd daemon is checked. The default port 1600 should be fine, unless you already run another service on this port in which case you should choose an alternative unused port. Click Next to show the Install ISAPI Filter screen.
Ensure that Install ISAPI filter and configure IIS is checked. Keep the default '.sso' file extension for mapping to the ISAPI handler, and click Next to show the Ready screen.
The installer should be now ready for installation. Click Next to install and configure the SP software.
The installer will go through various stages of installation and configuration.
Eventually the installer will indicate that installation has completed successfully. Click Finish.
A dialogue box will appear indicating that you need to restart your system. Close any other open programs and click Yes to restart the server as directed.
A successful installation will have applied a default configuration to the software. To summarise, the installer will have caused the following to happen:
- Addition of the Shibboleth ISAPI filter (ISAPI Filters)
- Mapping of the .sso file handler to the ISAPI library (Handler Mappings)
- Addition of the Shibboleth ISAPI Extension to the list of permitted extensions (ISAPI and CGI Restrictions)
- Installation and configuration of the shibd service
- Generation of a local self-signed X.509 certificate with corresponding key, to be used for signatures
- A system restart