Can Some one provide me the best way to sign the assertion with IDP (Identity Provider) private certificate and encrypt the assertion with the SP(Service Provider) Public Certificate. Any suggestions will be really helpful.
If you’re using the SAML high-level API then you simply specify in the configuration that you want the assertion encrypted and signed and specify the appropriate certificates. The SignAssertion flag specifies that the assertion should be signed using the identity provider’s private key. The EncryptAssertion flag specifies that the assertion should be encrypted using the partner service provider’s public key.
If you’re using the SAML low-level API then the AssertionExample project demonstrates encrypting and signing the assertion.
Wherever possible we recommend using the high-level API as it’s simpler to use.
Thank you. That helped a lot made successfull SSO.