Releases: MobileID-Strong-Authentication/mobileid-enabler-adfs
Releases · MobileID-Strong-Authentication/mobileid-enabler-adfs
v1.3.4.0 for Windows Server 2016, 2019, 2022
v1.3.3.0 for Windows Server 2016, 2019, 2022
Created Version 1.3.3.0 which includes a fix for issue #11
Some of the configuration parameter names have been renamed:
- Configuration Parameter
SslRootCaCertDN
removed - Renamed Configuration Parameter
SslKeystore
toSslMidClientKeystore
- Renamed Configuration Parameter
SslCertThumbprint
toSslMidClientCertThumbprint
- Renamed Configuration Parameter
SslRootCaCertFiles
toSignRespCertFiles
- Renamed Configuration Parameter
DisableSignatureValidation
toDisableSignRespValidation
- Renamed Configuration Parameter
DisableSignatureCertValidation
toDisableSignRespCertValidation
Obsolete configuration example of previous releases:
<mobileIdClient
AP_ID = "mid://adfs-dev.swisscom.ch"
SslKeystore = "LocalMachine"
SslCertThumbprint = "19cb073f974729d9fec8cb1a0c50866886fcdeba"
SslRootCaCertDN = "C=CH, O=Swisscom, OID.2.5.4.97=VATCH-CHE-101.654.423, OU=Digital Certificate Services, CN=Swisscom Root CA 4"
SslRootCaCertFiles = "C:\Program Files (x86)\MobileIdAdfs\v1.3\certs\Swisscom_Root_CA_2.crt;C:\Program Files (x86)\MobileIdAdfs\v1.3\certs\Swisscom_Root_CA_4.crt"
SignatureProfile = "http://mid.swisscom.ch/Any-LoA4"
DtbsPrefix = "ADFS Demo: "
RequestTimeOutSeconds = "60"
PollResponseIntervalSeconds = "1"
PollResponseDelaySeconds = "3"
ServiceUrlPrefix = "https://mobileid.swisscom.com/soap/services/"
SecurityProtocolType = "Tls12"
EnableSubscriberInfo = "false"
DisableSignatureValidation = "false"
DisableSignatureCertValidation = "false"
/>
With this release, please use the new configuration parameter names as shown below.
Note that the parameter SslRootCaCertDN
is no longer used.
<mobileIdClient
AP_ID = "mid://adfs-dev.swisscom.ch"
SslMidClientKeystore = "LocalMachine"
SslMidClientCertThumbprint = "19cb073f974729d9fec8cb1a0c50866886fcdeba"
SignRespCertFiles = "C:\Program Files (x86)\MobileIdAdfs\v1.3\certs\Swisscom_Root_CA_2.crt;C:\Program Files (x86)\MobileIdAdfs\v1.3\certs\Swisscom_Root_CA_4.crt"
SignatureProfile = "http://mid.swisscom.ch/Any-LoA4"
DtbsPrefix = "ADFS Demo: "
RequestTimeOutSeconds = "60"
PollResponseIntervalSeconds = "1"
PollResponseDelaySeconds = "3"
ServiceUrlPrefix = "https://mobileid.swisscom.com/soap/services/"
SecurityProtocolType = "Tls12"
EnableSubscriberInfo = "false"
DisableSignRespValidation = "false"
DisableSignRespCertValidation = "false"
/>
v1.3.2.0 for Windows Server 2016 / 2022
Created Version 1.3.2.0 which includes a fix for issue #1, #5 and #7
Modified CertificateChain validation.
Added config-params for custom Root Certificates.
Added new config-param for SignatureProfile.
Example configuration xml:
<appConfig>
<!-- possible values for SslRootCaCertFiles: any path to cert files, multiple paths seperated by semicolon, default is empty -->
<!-- possible values for SignatureProfile: any string with valid Profile, default if empty: http://mid.swisscom.ch/MID/v1/AuthProfile1 -->
<mobileIdClient
AP_ID = "mid://ap.mycompany.ch"
SslKeystore = "LocalMachine"
SslCertThumbprint = "19cb073f974729d9fec86ca5912ac66886fcdeba"
SslRootCaCertDN="C=CH, O=Swisscom, OID.2.5.4.97=VATCH-CHE-101.654.423, OU=Digital Certificate Services, CN=Swisscom Root CA 4"
SslRootCaCertFiles="C:\Program Files (x86)\MobileIdAdfs\v1.3\certs\Swisscom_Root_CA_2.crt;C:\Program Files (x86)\MobileIdAdfs\v1.3\certs\Swisscom_Root_CA_4.crt"
SignatureProfile="http://mid.swisscom.ch/Any-LoA4"
DtbsPrefix = "ADFS Demo: "
RequestTimeOutSeconds = "60"
PollResponseIntervalSeconds = "1"
PollResponseDelaySeconds = "3"
ServiceUrlPrefix = "https://mobileid.swisscom.com/soap/services/"
SecurityProtocolType = "Tls12"
EnableSubscriberInfo = "false"
DisableSignatureValidation = "false"
DisableSignatureCertValidation = "false"
/>
<mobileIdAdfs
AdAttrMobile = "mobile"
AdAttrMidSerialNumber = "serialNumber"
ShowDebugMsg = "true"
LoginPrompt.en = "Demo Login with mobileID? Session ID (#TransId#)"
LoginPrompt.de = "Demo Login mit mobileID? Session ID (#TransId#)"
LoginPrompt.fr = "Demo Login avec mobileID? Session ID (#TransId#)"
LoginPrompt.it = "Demo Login con mobileID? Session ID (#TransId#)"
/>
</appConfig>
If DisableSignatureCertValidation configured true no chain-validation is made even if there are configured SslRootCaCertFiles.
v1.2.0.0 for Windows Server 2012 R2
Initial Release - v1.2.0.0 for Windows Server 2012 R2