Beginning with the 11g Release 2 (11.1.2), the Oracle Access Management Access Manager server (OAM Server) has been integrated with an Oracle Access Management Identity Federation server. All configuration for the Identity Federation server is performed using the Oracle Access Management Console.
Benefits of using the new Identity Federation 11g Release 2 (11.1.2.2) server integrated with Access Manager include:
- Eliminating the need to install and maintain separate servers.
- Simplifying post-install configuration of the federation features, particularly when accessing those features through the Oracle Access Management Console.
- Improving the scalability of the two services working together.
- Providing enhanced diagnostics and troubleshooting.
Enable Identity Federation within the Available Services.
Go to Configuration->Federation Settings
Click Export SAML 2.0 Metadata
Go to Service Provider Administration -> Click Create Identity Provider Partner
Create a IdP with the exported metadata file.
Click "Create Authentication Scheme and Module"
This will create Authentication Scheme configured to be used with above IdP.
Similarly Go to Identity Provider Administration -> Click Create Service Provider Partner ->
Referral Auth Scheme
Referral Auth Module
Go to App Domain -> Domain Name -> Authentication Policies -> Protected Resource Policy -> Change Authentication Scheme -> IdP1FederationScheme
Now we are ready to test
Access the protected resource
you will be redirected to identity provider SAML credential collector page
SAML GET Request
After Successful Login
SAML POST Response
Referral IdP and SP "https___Deepak-PC.mydomain.com_14101_oam_fed.xml" File :-
It contains metadata for both IdP and SP
<?xml version="1.0" encoding="UTF-8"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:enc="http://www.w3.org/2001/04/xmlenc#" xmlns:ns7="urn:oasis:names:tc:SAML:profiles:v1metadata" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:x500="urn:oasis:names:tc:SAML:2.0:profiles:attribute:X500" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="id-0G95cJmk6LYZcGQEqYuHtrUHzJkKkXQCRCfamW-3" cacheDuration="P30DT0H0M0S" entityID="https://Deepak-PC.mydomain.com:14101/oam/fed" validUntil="2014-06-03T17:32:57Z">
<dsig:Signature>
<dsig:SignedInfo>
<dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<dsig:Reference URI="#id-0G95cJmk6LYZcGQEqYuHtrUHzJkKkXQCRCfamW-3">
<dsig:Transforms>
<dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
<dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</dsig:Transforms>
<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<dsig:DigestValue>xLWmnQkPI7hMhUFE784zWsj3Bo0=</dsig:DigestValue>
</dsig:Reference>
</dsig:SignedInfo>
<dsig:SignatureValue>bKOcap2cBPpRAQs8YuBF0q4VTHgiXWZQP3ZOgACVc7eqxjOg08dHSAXSp1hrLuHUoCkmDRAJOi09uorb+YNvdtqAWUV+WUcjfm0Ge6jJaqJIrf6ADmzKY01ueGVelN2qS7SSviyug3uPmiDENYdCDIvM1UbPloaDpVPEiiq+O3g=</dsig:SignatureValue>
<dsig:KeyInfo>
<dsig:X509Data>
<dsig:X509Certificate>MIIB+DCCAWGgAwIBAgIBCjANBgkqhkiG9w0BAQQFADAhMR8wHQYDVQQDExZEZWVwYWstUEMubXlkb21haW4uY29tMB4XDTE0MDQxOTE0MTE1MFoXDTI0MDQxNjE0MTE1MFowITEfMB0GA1UEAxMWRGVlcGFrLVBDLm15ZG9tYWluLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAv26VHEabPL0pg/18fASQ9lgkE7d7WGDBeTmqcPcMh+/lAv/j0ISZLA1SPk25Z9q03AyrnY49darO3zA8gQt5gymP5G+tr66SCtZc4IZFj7r6e1YlrLXivpTttROMAOxtZQRJVHQl9sT3dApeL2wxNaYxEPcqWiYvoU45jsfSfx0CAwEAAaNAMD4wDAYDVR0TAQH/BAIwADAPBgNVHQ8BAf8EBQMDB9gAMB0GA1UdDgQWBBResQZp6WGrudaKwj2qoq2LCgJA7DANBgkqhkiG9w0BAQQFAAOBgQCDfN+jRHA+4F5SmVG1Gw7lLAGzzMweCgcxz/o0r8KBGdDSZTssI/m7isLuumaSCS98G22Hfr4Qadh+pcHwlaNFOcip4WwII9ag22afaqqXphRKFPUYFxrHCTFGzTOFMNXI3tyPZ6e1L2QCjeM2SHl8omDciSipdID7DmyqW4N2gQ==</dsig:X509Certificate>
</dsig:X509Data>
</dsig:KeyInfo>
</dsig:Signature>
<md:IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<md:KeyDescriptor use="signing">
<dsig:KeyInfo>
<dsig:X509Data>
<dsig:X509Certificate>MIIB+DCCAWGgAwIBAgIBCjANBgkqhkiG9w0BAQQFADAhMR8wHQYDVQQDExZEZWVwYWstUEMubXlkb21haW4uY29tMB4XDTE0MDQxOTE0MTE1MFoXDTI0MDQxNjE0MTE1MFowITEfMB0GA1UEAxMWRGVlcGFrLVBDLm15ZG9tYWluLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAv26VHEabPL0pg/18fASQ9lgkE7d7WGDBeTmqcPcMh+/lAv/j0ISZLA1SPk25Z9q03AyrnY49darO3zA8gQt5gymP5G+tr66SCtZc4IZFj7r6e1YlrLXivpTttROMAOxtZQRJVHQl9sT3dApeL2wxNaYxEPcqWiYvoU45jsfSfx0CAwEAAaNAMD4wDAYDVR0TAQH/BAIwADAPBgNVHQ8BAf8EBQMDB9gAMB0GA1UdDgQWBBResQZp6WGrudaKwj2qoq2LCgJA7DANBgkqhkiG9w0BAQQFAAOBgQCDfN+jRHA+4F5SmVG1Gw7lLAGzzMweCgcxz/o0r8KBGdDSZTssI/m7isLuumaSCS98G22Hfr4Qadh+pcHwlaNFOcip4WwII9ag22afaqqXphRKFPUYFxrHCTFGzTOFMNXI3tyPZ6e1L2QCjeM2SHl8omDciSipdID7DmyqW4N2gQ==</dsig:X509Certificate>
<dsig:X509IssuerSerial>
<dsig:X509IssuerName>CN=Deepak-PC.mydomain.com</dsig:X509IssuerName>
<dsig:X509SerialNumber>10</dsig:X509SerialNumber>
</dsig:X509IssuerSerial>
<dsig:X509SubjectName>CN=Deepak-PC.mydomain.com</dsig:X509SubjectName>
</dsig:X509Data>
</dsig:KeyInfo>
</md:KeyDescriptor>
<md:KeyDescriptor use="encryption">
<dsig:KeyInfo>
<dsig:X509Data>
<dsig:X509Certificate>MIIB+DCCAWGgAwIBAgIBCjANBgkqhkiG9w0BAQQFADAhMR8wHQYDVQQDExZEZWVwYWstUEMubXlkb21haW4uY29tMB4XDTE0MDQxOTE0MTE1MFoXDTI0MDQxNjE0MTE1MFowITEfMB0GA1UEAxMWRGVlcGFrLVBDLm15ZG9tYWluLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAv26VHEabPL0pg/18fASQ9lgkE7d7WGDBeTmqcPcMh+/lAv/j0ISZLA1SPk25Z9q03AyrnY49darO3zA8gQt5gymP5G+tr66SCtZc4IZFj7r6e1YlrLXivpTttROMAOxtZQRJVHQl9sT3dApeL2wxNaYxEPcqWiYvoU45jsfSfx0CAwEAAaNAMD4wDAYDVR0TAQH/BAIwADAPBgNVHQ8BAf8EBQMDB9gAMB0GA1UdDgQWBBResQZp6WGrudaKwj2qoq2LCgJA7DANBgkqhkiG9w0BAQQFAAOBgQCDfN+jRHA+4F5SmVG1Gw7lLAGzzMweCgcxz/o0r8KBGdDSZTssI/m7isLuumaSCS98G22Hfr4Qadh+pcHwlaNFOcip4WwII9ag22afaqqXphRKFPUYFxrHCTFGzTOFMNXI3tyPZ6e1L2QCjeM2SHl8omDciSipdID7DmyqW4N2gQ==</dsig:X509Certificate>
<dsig:X509IssuerSerial>
<dsig:X509IssuerName>CN=Deepak-PC.mydomain.com</dsig:X509IssuerName>
<dsig:X509SerialNumber>10</dsig:X509SerialNumber>
</dsig:X509IssuerSerial>
<dsig:X509SubjectName>CN=Deepak-PC.mydomain.com</dsig:X509SubjectName>
</dsig:X509Data>
</dsig:KeyInfo>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" />
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc" />
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" />
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
</md:KeyDescriptor>
<md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://Deepak-PC.mydomain.com:14101/oamfed/idp/soap" index="1" isDefault="true" />
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://Deepak-PC.mydomain.com:14101/oamfed/idp/samlv20" ResponseLocation="https://Deepak-PC.mydomain.com:14101/oamfed/idp/samlv20" />
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://Deepak-PC.mydomain.com:14101/oamfed/idp/samlv20" ResponseLocation="https://Deepak-PC.mydomain.com:14101/oamfed/idp/samlv20" />
<md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://Deepak-PC.mydomain.com:14101/oamfed/idp/samlv20" />
<md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://Deepak-PC.mydomain.com:14101/oamfed/idp/soap" />
<md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://Deepak-PC.mydomain.com:14101/oamfed/idp/samlv20" />
</md:IDPSSODescriptor>
<md:AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<md:KeyDescriptor use="signing">
<dsig:KeyInfo>
<dsig:X509Data>
<dsig:X509Certificate>MIIB+DCCAWGgAwIBAgIBCjANBgkqhkiG9w0BAQQFADAhMR8wHQYDVQQDExZEZWVwYWstUEMubXlkb21haW4uY29tMB4XDTE0MDQxOTE0MTE1MFoXDTI0MDQxNjE0MTE1MFowITEfMB0GA1UEAxMWRGVlcGFrLVBDLm15ZG9tYWluLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAv26VHEabPL0pg/18fASQ9lgkE7d7WGDBeTmqcPcMh+/lAv/j0ISZLA1SPk25Z9q03AyrnY49darO3zA8gQt5gymP5G+tr66SCtZc4IZFj7r6e1YlrLXivpTttROMAOxtZQRJVHQl9sT3dApeL2wxNaYxEPcqWiYvoU45jsfSfx0CAwEAAaNAMD4wDAYDVR0TAQH/BAIwADAPBgNVHQ8BAf8EBQMDB9gAMB0GA1UdDgQWBBResQZp6WGrudaKwj2qoq2LCgJA7DANBgkqhkiG9w0BAQQFAAOBgQCDfN+jRHA+4F5SmVG1Gw7lLAGzzMweCgcxz/o0r8KBGdDSZTssI/m7isLuumaSCS98G22Hfr4Qadh+pcHwlaNFOcip4WwII9ag22afaqqXphRKFPUYFxrHCTFGzTOFMNXI3tyPZ6e1L2QCjeM2SHl8omDciSipdID7DmyqW4N2gQ==</dsig:X509Certificate>
<dsig:X509IssuerSerial>
<dsig:X509IssuerName>CN=Deepak-PC.mydomain.com</dsig:X509IssuerName>
<dsig:X509SerialNumber>10</dsig:X509SerialNumber>
</dsig:X509IssuerSerial>
<dsig:X509SubjectName>CN=Deepak-PC.mydomain.com</dsig:X509SubjectName>
</dsig:X509Data>
</dsig:KeyInfo>
</md:KeyDescriptor>
<md:KeyDescriptor use="encryption">
<dsig:KeyInfo>
<dsig:X509Data>
<dsig:X509Certificate>MIIB+DCCAWGgAwIBAgIBCjANBgkqhkiG9w0BAQQFADAhMR8wHQYDVQQDExZEZWVwYWstUEMubXlkb21haW4uY29tMB4XDTE0MDQxOTE0MTE1MFoXDTI0MDQxNjE0MTE1MFowITEfMB0GA1UEAxMWRGVlcGFrLVBDLm15ZG9tYWluLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAv26VHEabPL0pg/18fASQ9lgkE7d7WGDBeTmqcPcMh+/lAv/j0ISZLA1SPk25Z9q03AyrnY49darO3zA8gQt5gymP5G+tr66SCtZc4IZFj7r6e1YlrLXivpTttROMAOxtZQRJVHQl9sT3dApeL2wxNaYxEPcqWiYvoU45jsfSfx0CAwEAAaNAMD4wDAYDVR0TAQH/BAIwADAPBgNVHQ8BAf8EBQMDB9gAMB0GA1UdDgQWBBResQZp6WGrudaKwj2qoq2LCgJA7DANBgkqhkiG9w0BAQQFAAOBgQCDfN+jRHA+4F5SmVG1Gw7lLAGzzMweCgcxz/o0r8KBGdDSZTssI/m7isLuumaSCS98G22Hfr4Qadh+pcHwlaNFOcip4WwII9ag22afaqqXphRKFPUYFxrHCTFGzTOFMNXI3tyPZ6e1L2QCjeM2SHl8omDciSipdID7DmyqW4N2gQ==</dsig:X509Certificate>
<dsig:X509IssuerSerial>
<dsig:X509IssuerName>CN=Deepak-PC.mydomain.com</dsig:X509IssuerName>
<dsig:X509SerialNumber>10</dsig:X509SerialNumber>
</dsig:X509IssuerSerial>
<dsig:X509SubjectName>CN=Deepak-PC.mydomain.com</dsig:X509SubjectName>
</dsig:X509Data>
</dsig:KeyInfo>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" />
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc" />
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" />
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
</md:KeyDescriptor>
<md:AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://Deepak-PC.mydomain.com:14101/oamfed/aa/soap" />
<md:AttributeProfile>urn:oasis:names:tc:SAML:2.0:profiles:attribute:basic</md:AttributeProfile>
</md:AttributeAuthorityDescriptor>
<md:SPSSODescriptor AuthnRequestsSigned="true" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<md:KeyDescriptor use="signing">
<dsig:KeyInfo>
<dsig:X509Data>
<dsig:X509Certificate>MIIB+DCCAWGgAwIBAgIBCjANBgkqhkiG9w0BAQQFADAhMR8wHQYDVQQDExZEZWVwYWstUEMubXlkb21haW4uY29tMB4XDTE0MDQxOTE0MTE1MFoXDTI0MDQxNjE0MTE1MFowITEfMB0GA1UEAxMWRGVlcGFrLVBDLm15ZG9tYWluLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAv26VHEabPL0pg/18fASQ9lgkE7d7WGDBeTmqcPcMh+/lAv/j0ISZLA1SPk25Z9q03AyrnY49darO3zA8gQt5gymP5G+tr66SCtZc4IZFj7r6e1YlrLXivpTttROMAOxtZQRJVHQl9sT3dApeL2wxNaYxEPcqWiYvoU45jsfSfx0CAwEAAaNAMD4wDAYDVR0TAQH/BAIwADAPBgNVHQ8BAf8EBQMDB9gAMB0GA1UdDgQWBBResQZp6WGrudaKwj2qoq2LCgJA7DANBgkqhkiG9w0BAQQFAAOBgQCDfN+jRHA+4F5SmVG1Gw7lLAGzzMweCgcxz/o0r8KBGdDSZTssI/m7isLuumaSCS98G22Hfr4Qadh+pcHwlaNFOcip4WwII9ag22afaqqXphRKFPUYFxrHCTFGzTOFMNXI3tyPZ6e1L2QCjeM2SHl8omDciSipdID7DmyqW4N2gQ==</dsig:X509Certificate>
<dsig:X509IssuerSerial>
<dsig:X509IssuerName>CN=Deepak-PC.mydomain.com</dsig:X509IssuerName>
<dsig:X509SerialNumber>10</dsig:X509SerialNumber>
</dsig:X509IssuerSerial>
<dsig:X509SubjectName>CN=Deepak-PC.mydomain.com</dsig:X509SubjectName>
</dsig:X509Data>
</dsig:KeyInfo>
</md:KeyDescriptor>
<md:KeyDescriptor use="encryption">
<dsig:KeyInfo>
<dsig:X509Data>
<dsig:X509Certificate>MIIB+DCCAWGgAwIBAgIBCjANBgkqhkiG9w0BAQQFADAhMR8wHQYDVQQDExZEZWVwYWstUEMubXlkb21haW4uY29tMB4XDTE0MDQxOTE0MTE1MFoXDTI0MDQxNjE0MTE1MFowITEfMB0GA1UEAxMWRGVlcGFrLVBDLm15ZG9tYWluLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAv26VHEabPL0pg/18fASQ9lgkE7d7WGDBeTmqcPcMh+/lAv/j0ISZLA1SPk25Z9q03AyrnY49darO3zA8gQt5gymP5G+tr66SCtZc4IZFj7r6e1YlrLXivpTttROMAOxtZQRJVHQl9sT3dApeL2wxNaYxEPcqWiYvoU45jsfSfx0CAwEAAaNAMD4wDAYDVR0TAQH/BAIwADAPBgNVHQ8BAf8EBQMDB9gAMB0GA1UdDgQWBBResQZp6WGrudaKwj2qoq2LCgJA7DANBgkqhkiG9w0BAQQFAAOBgQCDfN+jRHA+4F5SmVG1Gw7lLAGzzMweCgcxz/o0r8KBGdDSZTssI/m7isLuumaSCS98G22Hfr4Qadh+pcHwlaNFOcip4WwII9ag22afaqqXphRKFPUYFxrHCTFGzTOFMNXI3tyPZ6e1L2QCjeM2SHl8omDciSipdID7DmyqW4N2gQ==</dsig:X509Certificate>
<dsig:X509IssuerSerial>
<dsig:X509IssuerName>CN=Deepak-PC.mydomain.com</dsig:X509IssuerName>
<dsig:X509SerialNumber>10</dsig:X509SerialNumber>
</dsig:X509IssuerSerial>
<dsig:X509SubjectName>CN=Deepak-PC.mydomain.com</dsig:X509SubjectName>
</dsig:X509Data>
</dsig:KeyInfo>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" />
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc" />
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" />
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
</md:KeyDescriptor>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://Deepak-PC.mydomain.com:14101/oamfed/sp/samlv20" ResponseLocation="https://Deepak-PC.mydomain.com:14101/oamfed/sp/samlv20" />
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://Deepak-PC.mydomain.com:14101/oamfed/sp/samlv20" ResponseLocation="https://Deepak-PC.mydomain.com:14101/oamfed/sp/samlv20" />
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://Deepak-PC.mydomain.com:14101/oam/server/fed/sp/sso" index="0" isDefault="true" />
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://Deepak-PC.mydomain.com:14101/oam/server/fed/sp/sso" index="1" />
</md:SPSSODescriptor>
<md:RoleDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<md:KeyDescriptor use="signing">
<dsig:KeyInfo>
<dsig:X509Data>
<dsig:X509Certificate>MIIB+DCCAWGgAwIBAgIBCjANBgkqhkiG9w0BAQQFADAhMR8wHQYDVQQDExZEZWVwYWstUEMubXlkb21haW4uY29tMB4XDTE0MDQxOTE0MTE1MFoXDTI0MDQxNjE0MTE1MFowITEfMB0GA1UEAxMWRGVlcGFrLVBDLm15ZG9tYWluLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAv26VHEabPL0pg/18fASQ9lgkE7d7WGDBeTmqcPcMh+/lAv/j0ISZLA1SPk25Z9q03AyrnY49darO3zA8gQt5gymP5G+tr66SCtZc4IZFj7r6e1YlrLXivpTttROMAOxtZQRJVHQl9sT3dApeL2wxNaYxEPcqWiYvoU45jsfSfx0CAwEAAaNAMD4wDAYDVR0TAQH/BAIwADAPBgNVHQ8BAf8EBQMDB9gAMB0GA1UdDgQWBBResQZp6WGrudaKwj2qoq2LCgJA7DANBgkqhkiG9w0BAQQFAAOBgQCDfN+jRHA+4F5SmVG1Gw7lLAGzzMweCgcxz/o0r8KBGdDSZTssI/m7isLuumaSCS98G22Hfr4Qadh+pcHwlaNFOcip4WwII9ag22afaqqXphRKFPUYFxrHCTFGzTOFMNXI3tyPZ6e1L2QCjeM2SHl8omDciSipdID7DmyqW4N2gQ==</dsig:X509Certificate>
<dsig:X509IssuerSerial>
<dsig:X509IssuerName>CN=Deepak-PC.mydomain.com</dsig:X509IssuerName>
<dsig:X509SerialNumber>10</dsig:X509SerialNumber>
</dsig:X509IssuerSerial>
<dsig:X509SubjectName>CN=Deepak-PC.mydomain.com</dsig:X509SubjectName>
</dsig:X509Data>
</dsig:KeyInfo>
</md:KeyDescriptor>
<md:KeyDescriptor use="encryption">
<dsig:KeyInfo>
<dsig:X509Data>
<dsig:X509Certificate>MIIB+DCCAWGgAwIBAgIBCjANBgkqhkiG9w0BAQQFADAhMR8wHQYDVQQDExZEZWVwYWstUEMubXlkb21haW4uY29tMB4XDTE0MDQxOTE0MTE1MFoXDTI0MDQxNjE0MTE1MFowITEfMB0GA1UEAxMWRGVlcGFrLVBDLm15ZG9tYWluLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAv26VHEabPL0pg/18fASQ9lgkE7d7WGDBeTmqcPcMh+/lAv/j0ISZLA1SPk25Z9q03AyrnY49darO3zA8gQt5gymP5G+tr66SCtZc4IZFj7r6e1YlrLXivpTttROMAOxtZQRJVHQl9sT3dApeL2wxNaYxEPcqWiYvoU45jsfSfx0CAwEAAaNAMD4wDAYDVR0TAQH/BAIwADAPBgNVHQ8BAf8EBQMDB9gAMB0GA1UdDgQWBBResQZp6WGrudaKwj2qoq2LCgJA7DANBgkqhkiG9w0BAQQFAAOBgQCDfN+jRHA+4F5SmVG1Gw7lLAGzzMweCgcxz/o0r8KBGdDSZTssI/m7isLuumaSCS98G22Hfr4Qadh+pcHwlaNFOcip4WwII9ag22afaqqXphRKFPUYFxrHCTFGzTOFMNXI3tyPZ6e1L2QCjeM2SHl8omDciSipdID7DmyqW4N2gQ==</dsig:X509Certificate>
<dsig:X509IssuerSerial>
<dsig:X509IssuerName>CN=Deepak-PC.mydomain.com</dsig:X509IssuerName>
<dsig:X509SerialNumber>10</dsig:X509SerialNumber>
</dsig:X509IssuerSerial>
<dsig:X509SubjectName>CN=Deepak-PC.mydomain.com</dsig:X509SubjectName>
</dsig:X509Data>
</dsig:KeyInfo>
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" />
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc" />
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" />
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
</md:KeyDescriptor>
</md:RoleDescriptor>
</md:EntityDescriptor>