Cisco Cisco Web Security Appliance S670 Betriebsanweisung

If you intend to use multiple Web Security appliances with SaaS Access Control, 
you must enter the same Identity Provider Domain Name for each Web Security 
appliance. If you have only one appliance, you can use the appliance hostname as 
the Identity Provider Domain Name. For more information, see 

In the Identity Provider Entity ID field, enter the text you want to use that 
uniquely identifies this Web Security appliance as an identity provider to all SaaS 
applications it will communicate with.

A URI format based string is recommended, but you can enter any unique string. 
The URI string does not have to be network accessible. Record the value you enter 
here because you will need to use the same value when you configure the SaaS 
application for single sign-on. 

If you intend to use multiple Web Security appliances with SaaS Access Control, 
you must enter the same Identity Provider Entity ID for each Web Security 
appliance. For more information, see 

Configure a signing certificate the appliance should use when it communicates 
using a secure connection (in the SAML flow) with service providers. You can use 
either of the following methods to configure the certificate: 

Generated certificate and key. Go to step 

 on page 9.

Uploaded certificate and key. Go to step 

 on page 10.

If the appliance has both an uploaded certificate and key pair and a 
generated certificate and key pair, it only uses the certificate and key pair 
currently selected in the Signing Certificate section.

To generate a certificate and key:

Click the Use Generated Certificate and Key option.

Click Generate New Certificate and Key.

In the Generate Certificate and Key dialog box, enter the information to 
display in the signing certificate.