3. How do I install Shibboleth SP for IIS?

First download the appropriate 32-bit or 64-bit .msi Shibboleth SP installer from the Internet2 downloads site.

Double-click the MSI file that you downloaded, and the installer will show the following dialogue:

Installer Welcome Screen

Click Next and the following dialogue box will be shown:

License Confirmation Screen

Select I accept the license agreement and click Next to see an Information screen.

Installation Information Screen

Read the text if you are not familiar with what the installer will be doing, and click Next to show the Destination Folder screen.

Destination Folder Screen

It is recommended that you accept the default destination folder. Click Next to show the Shibd Service screen.

Set Up Service Screen

Ensure that the Install Shibd daemon is checked. The default port 1600 should be fine, unless you already run another service on this port in which case you should choose an alternative unused port. Click Next to show the Install ISAPI Filter screen.

Set Up ISAPI Filter Screen

Ensure that Install ISAPI filter and configure IIS is checked. Keep the default '.sso' file extension for mapping to the ISAPI handler, and click Next to show the Ready screen.

Ready For Installation Screen

The installer should be now ready for installation. Click Next to install and configure the SP software.

Installation In Progress Screen

The installer will go through various stages of installation and configuration.

Installation Complete Screen

Eventually the installer will indicate that installation has completed successfully. Click Finish.

Restart Dialogue Box

A dialogue box will appear indicating that you need to restart your system. Close any other open programs and click Yes to restart the server as directed.

A successful installation will have applied a default configuration to the software. To summarise, the installer will have caused the following to happen:

  • Addition of the Shibboleth ISAPI filter (ISAPI Filters)
  • Mapping of the .sso file handler to the ISAPI library (Handler Mappings)
  • Addition of the Shibboleth ISAPI Extension to the list of permitted extensions (ISAPI and CGI Restrictions)
  • Installation and configuration of the shibd service
  • Generation of a local self-signed X.509 certificate with corresponding key, to be used for signatures
  • A system restart

Up: Contents Previous: 2. What are the system prerequisites? Next: 4. How do I configure the Shibboleth SP software after installation?