Install SP 2.6 on RedHat Linux 6/7
OIT provides a yum repository of added software for RedHat-based Linux 6 and 7 machines. We have already imported the Native Service Provider and all of its dependent packages into this repo. Packages are available for RHEL/CentOS 6 and 7, for x86_64 architectures.
If your server is running 32-bit RHEL6 i686, please see the old Install SP 2.5 on Realm Linux 6 instructions for using the deprecated vision3 yum repository.
Add the vision4 yum repo to your server
Login to your server and become root. Run these commands to install our repo files:
cd /etc/yum.repos.d wget http://install.linux.ncsu.edu/pub/yum/OIT/vision4/vision4.repo
Download and install the signing certificate used to verify our repo.
rpm --import http://install.linux.ncsu.edu/pub/yum/OIT/vision4/RPM-GPG-KEY-vision4-repo
Now you can verify that the repo is being used by looking for the SP package named "shibboleth".
yum search shibboleth # returns ... shibboleth.x86_64 : Open source system for attribute-based Web SSO
Install the SP software using yum
On your server, still as root, run yum to install the shibboleth package and its dependencies.
yum install shibboleth
It should return a list of packages that will be installed. Your versions and architecture will probably be different from this example:
Installing: shibboleth x86_64 2.5.5-2.1.vision4.el6 vision4 1.3 M Installing for dependencies: libcurl-openssl x86_64 7.43.0-1.1.vision4.el6 vision4 197 k liblog4shib1 x86_64 1.0.9-1.1.vision4.el6 vision4 68 k libsaml8 x86_64 2.5.5-1.1.vision4.el6 vision4 930 k libxerces-c-3_1 x86_64 3.1.2-1.1.vision4.el6 vision4 899 k libxml-security-c17 x86_64 1.7.3-1.1.vision4.el6 vision4 285 k libxmltooling6 x86_64 1.5.5-1.1.vision4.el6 vision4 675 k opensaml-schemas x86_64 2.5.5-1.1.vision4.el6 vision4 30 k xmltooling-schemas x86_64 1.5.5-1.1.vision4.el6 vision4 12 k
If your installation looks right, answer "Is this ok" with "y" and let it proceed.
- shibd - a new service.
- /etc/shibboleth - default directory for config files for shibd.
- /etc/httpd/conf.d/shib.conf - Apache httpd module config file.
The shibd service can be started for initial testing without performing any configuration. This test will only ensure that the pieces start correctly.
On your server, still as root, restart the shibd and httpd services.
service shibd start service httpd restart
The default httpd shib module creates a handler URL on your server at the URL path /Shibboleth.sso. You can verify this handler is running by making a Status request from the localhost.
wget -O - http://localhost/Shibboleth.sso/Status
This should return quickly with an XML document on STDOUT. If it does, you are ready to proceed with Configuration.