SAML enrollment flow overview
This diagram illustrates the high-level SAML enrollment process for both SAML Service Provider (SP) and SAML Identity Provider (IdP) initiated flows:
Anmerkung
DigiCert® Trust Lifecycle Manager caches the SAML authenticated sessions for up to 30 minutes. After 30 minutes, users will be forced to re-authenticate against their SAML IdP.
The SAML session key is treated as unique, thus preventing from re-using the same SAML response by malicious users.
All SAML IdP assertions must be digitally signed.
Now, check for an issuing CA.