Before upgrading to SKFS 4.7.0, if you are running a SKFS version lower than 4.6.0, make sure to upgrade to SKFS 4.6.0 first using the upgrade-skfs-4.6.0.sh script. Once you have successfully upgraded to SKFS 4.6.0, you may continue to upgrade to SKFS 4.7.0 using the new upgrade-skfs-4.7.0.sh script.

Editing the upgrade script allows the user to configure details for new updates.

Upgrade Script Configurability

The following configurables have been added to the upgrade-skfs-4.7.0.sh script. These values allow for the configuration of the SKFS SAML response generation during authentication.

SAML_REPONSE : Property to determine if authentication web service should return a SAML Assertion

SAML_CITRIX : Property to determine whether the SKFS is communicating with Citrix ADC as an SP for SAML authentication

SAML_DURATION : Property to determine amount of time a SAML assertion will be active (in minutes)

SAML_KEYGEN_DN : Property to determine the distinguished name of the SAML certificates created

SAML_CERTS_PER_SERVER : Property to determine number of certs are within each clustered server

SAML_TIMEZONE : Property to determine time zone code used for the returned SAML response (case sensitive)

SAML_KEYSTORE_PASS : Property to determine password of SAML keystore

SAML_KEY_VALIDITY : Property to determine how long the key is valid for (in days)

When installing or upgrading to SKFS 4.7.0, a "saml-keys" directory containing all of the generated SAML keys will be created in the /usr/local/strongkey/skfs/keystores directory. These key files can be used by the SAML SP and/or IDP in your authentication environment.