Shibboleth at NC State » Technical Documentation » SP Installation » Install SP 2.6 on RedHat Linux 6/7

Install SP 2.6 on RedHat Linux 6/7

OIT provides a yum repository of added software for RedHat-based Linux 6 and 7 machines. We have already imported the Native Service Provider and all of its dependent packages into this repo. Packages are available for RHEL/CentOS 6 and 7, for x86_64 architectures.

If your server is running 32-bit RHEL6 i686, please see the old Install SP 2.5 on Realm Linux 6 instructions for using the deprecated vision3 yum repository.

Add the vision4 yum repo to your server

Login to your server and become root. Run these commands to install our repo files:

cd /etc/yum.repos.d

Download and install the signing certificate used to verify our repo.

rpm --import

Now you can verify that the repo is being used by looking for the SP package named "shibboleth".

yum search shibboleth
# returns ...
shibboleth.x86_64 : Open source system for attribute-based Web SSO

Install the SP software using yum

On your server, still as root, run yum to install the shibboleth package and its dependencies.

yum install shibboleth

It should return a list of packages that will be installed. Your versions and architecture will probably be different from this example:

 shibboleth            x86_64   2.5.5-2.1.vision4.el6     vision4   1.3 M
Installing for dependencies:
 libcurl-openssl       x86_64   7.43.0-1.1.vision4.el6    vision4   197 k
 liblog4shib1          x86_64   1.0.9-1.1.vision4.el6     vision4    68 k
 libsaml8              x86_64   2.5.5-1.1.vision4.el6     vision4   930 k
 libxerces-c-3_1       x86_64   3.1.2-1.1.vision4.el6     vision4   899 k
 libxml-security-c17   x86_64   1.7.3-1.1.vision4.el6     vision4   285 k
 libxmltooling6        x86_64   1.5.5-1.1.vision4.el6     vision4   675 k
 opensaml-schemas      x86_64   2.5.5-1.1.vision4.el6     vision4    30 k
 xmltooling-schemas    x86_64   1.5.5-1.1.vision4.el6     vision4    12 k

If your installation looks right, answer "Is this ok" with "y" and let it proceed.

This installs:

Initial testing

The shibd service can be started for initial testing without performing any configuration. This test will only ensure that the pieces start correctly.

On your server, still as root, restart the shibd and httpd services.

service shibd start
service httpd restart

The default httpd shib module creates a handler URL on your server at the URL path /Shibboleth.sso. You can verify this handler is running by making a Status request from the localhost.

wget -O - http://localhost/Shibboleth.sso/Status

This should return quickly with an XML document on STDOUT. If it does, you are ready to proceed with Configuration.