Setting up the certificate trust store for SAML signature validation

Once you have the trust store, specify the trust store file and password in the Sametime configuration. If you plan to use the same trust store for TLS and SAML, or if you are not using TLS, then only a single trust store file is needed in the Sametime configuration. In this case, it is recommended that you use the TLS configuration settings, in the Integrated Solutions Console. At a minimum, specify the trust store file and password in the "Server application connections" column. For a complete list of available settings, see the topic Setting up TLS configuration. Each setting is described in the topic Setting up TLS configuration. Any value that is set in the "Server application connections" column is used for SAML, unless there is a corresponding "STSAML_" setting that overrides it. For example, if "Trust store file" in the "Server application connections" column is set to tls.p12, and STSAML_TRUST_STORE_FILE is not present in sametime.ini, then SAML signatures are validated against tls.p12. However, if the sametime.ini contains STSAML_TRUST_STORE_FILE=saml.p12, then SAML signatures are validated against saml.p12.