
Releases: MobileID-Strong-Authentication/mobileid-enabler-adfs

v1.3.4.0 for Windows Server 2016, 2019, 2022

19 Apr 07:14
a613932

Created Version 1.3.4.0 which includes a fix for issue #16

This release supports the configuration of multiple MFA methods in AD FS.

v1.3.3.0 for Windows Server 2016, 2019, 2022

11 Feb 06:45
b845c49

Created Version 1.3.3.0 which includes a fix for issue #11

Some of the configuration parameter names have been renamed:

  • Configuration Parameter SslRootCaCertDN removed
  • Renamed Configuration Parameter SslKeystore to SslMidClientKeystore
  • Renamed Configuration Parameter SslCertThumbprint to SslMidClientCertThumbprint
  • Renamed Configuration Parameter SslRootCaCertFiles to SignRespCertFiles
  • Renamed Configuration Parameter DisableSignatureValidation to DisableSignRespValidation
  • Renamed Configuration Parameter DisableSignatureCertValidation to DisableSignRespCertValidation

Obsolete configuration example of previous releases:

  <mobileIdClient
    AP_ID = "mid://adfs-dev.swisscom.ch"
    SslKeystore = "LocalMachine"
    SslCertThumbprint = "19cb073f974729d9fec8cb1a0c50866886fcdeba"
    SslRootCaCertDN = "C=CH, O=Swisscom, OID.2.5.4.97=VATCH-CHE-101.654.423, OU=Digital Certificate Services, CN=Swisscom Root CA 4"
    SslRootCaCertFiles = "C:\Program Files (x86)\MobileIdAdfs\v1.3\certs\Swisscom_Root_CA_2.crt;C:\Program Files (x86)\MobileIdAdfs\v1.3\certs\Swisscom_Root_CA_4.crt" 
    SignatureProfile = "http://mid.swisscom.ch/Any-LoA4"
    DtbsPrefix = "ADFS Demo: "
    RequestTimeOutSeconds = "60"
    PollResponseIntervalSeconds = "1"
    PollResponseDelaySeconds = "3"
    ServiceUrlPrefix  = "https://mobileid.swisscom.com/soap/services/"
    SecurityProtocolType = "Tls12"
    EnableSubscriberInfo = "false"
    DisableSignatureValidation = "false"
    DisableSignatureCertValidation = "false"
  />

With this release, please use the new configuration parameter names as shown below.
Note that the parameter SslRootCaCertDN is no longer used.

  <mobileIdClient
    AP_ID = "mid://adfs-dev.swisscom.ch"
    SslMidClientKeystore = "LocalMachine"
    SslMidClientCertThumbprint = "19cb073f974729d9fec8cb1a0c50866886fcdeba"
    SignRespCertFiles = "C:\Program Files (x86)\MobileIdAdfs\v1.3\certs\Swisscom_Root_CA_2.crt;C:\Program Files (x86)\MobileIdAdfs\v1.3\certs\Swisscom_Root_CA_4.crt" 
    SignatureProfile = "http://mid.swisscom.ch/Any-LoA4"
    DtbsPrefix = "ADFS Demo: "
    RequestTimeOutSeconds = "60"
    PollResponseIntervalSeconds = "1"
    PollResponseDelaySeconds = "3"
    ServiceUrlPrefix  = "https://mobileid.swisscom.com/soap/services/"
    SecurityProtocolType = "Tls12"
    EnableSubscriberInfo = "false"
    DisableSignRespValidation = "false"
    DisableSignRespCertValidation = "false"
  />
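
The renames listed above can be applied mechanically to an existing configuration. The PowerShell below is an added example, not code from the project or its release notes: the function name `Convert-MobileIdClientConfig` and all sample values are hypothetical. It migrates a pre-1.3.3.0 `<mobileIdClient>` element to the new names, drops `SslRootCaCertDN`, and warns when either validation-disabling parameter is set to `true`.

```powershell
# Added example, not project code. Rename map copied from the v1.3.3.0 notes.
$Renames = [ordered]@{
    SslKeystore                    = 'SslMidClientKeystore'
    SslCertThumbprint              = 'SslMidClientCertThumbprint'
    SslRootCaCertFiles             = 'SignRespCertFiles'
    DisableSignatureValidation     = 'DisableSignRespValidation'
    DisableSignatureCertValidation = 'DisableSignRespCertValidation'
}
$Removed = @('SslRootCaCertDN')   # no longer used as of v1.3.3.0

function Convert-MobileIdClientConfig {   # hypothetical helper name
    param([Parameter(Mandatory)][xml]$Config)

    $client = $Config.SelectSingleNode('//mobileIdClient')
    if (-not $client) { throw 'No <mobileIdClient> element found.' }

    foreach ($old in $Renames.Keys) {
        if (-not $client.HasAttribute($old)) { continue }
        $new = $Renames[$old]
        # A half-migrated file is ambiguous; do not guess which value wins.
        if ($client.HasAttribute($new)) { throw "Both $old and $new are set; resolve by hand." }
        $client.SetAttribute($new, $client.GetAttribute($old))
        $client.RemoveAttribute($old)
    }
    foreach ($name in $Removed) { $client.RemoveAttribute($name) }

    # Flag configurations that switch off validation of the signature response.
    foreach ($flag in 'DisableSignRespValidation', 'DisableSignRespCertValidation') {
        if ($client.GetAttribute($flag) -eq 'true') {
            Write-Warning "$flag = true: review before deploying this configuration."
        }
    }
    $Config
}

# Constructed sample input (placeholder AP_ID, thumbprint, DN and path).
$legacy = [xml]@'
<appConfig>
  <mobileIdClient
    AP_ID = "mid://ap.example.test"
    SslKeystore = "LocalMachine"
    SslCertThumbprint = "0000000000000000000000000000000000000000"
    SslRootCaCertDN = "CN=Example Root CA"
    SslRootCaCertFiles = "C:\certs\example_root.crt"
    DisableSignatureValidation = "false"
    DisableSignatureCertValidation = "true"
  />
</appConfig>
'@

(Convert-MobileIdClientConfig $legacy).OuterXml
```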

v1.3.2.0 for Windows Server 2016 / 2022

03 Feb 13:29
01c3e1f

Created Version 1.3.2.0, which includes fixes for issues #1, #5 and #7

Modified CertificateChain validation.
Added config-params for custom Root Certificates.
Added new config-param for SignatureProfile.

Example configuration XML:

<appConfig>
  <!-- possible values for SslRootCaCertFiles: any path to cert files, multiple paths separated by semicolons, default is empty -->
  <!-- possible values for SignatureProfile: any string with a valid profile, default if empty: http://mid.swisscom.ch/MID/v1/AuthProfile1 -->
  <mobileIdClient
    AP_ID = "mid://ap.mycompany.ch"
    SslKeystore = "LocalMachine"
    SslCertThumbprint = "19cb073f974729d9fec86ca5912ac66886fcdeba"
    SslRootCaCertDN="C=CH, O=Swisscom, OID.2.5.4.97=VATCH-CHE-101.654.423, OU=Digital Certificate Services, CN=Swisscom Root CA 4"
    SslRootCaCertFiles="C:\Program Files (x86)\MobileIdAdfs\v1.3\certs\Swisscom_Root_CA_2.crt;C:\Program Files (x86)\MobileIdAdfs\v1.3\certs\Swisscom_Root_CA_4.crt" 
    SignatureProfile="http://mid.swisscom.ch/Any-LoA4"
    DtbsPrefix = "ADFS Demo: "
    RequestTimeOutSeconds = "60"
    PollResponseIntervalSeconds = "1"
    PollResponseDelaySeconds = "3"
    ServiceUrlPrefix  = "https://mobileid.swisscom.com/soap/services/"
    SecurityProtocolType = "Tls12"
    EnableSubscriberInfo = "false"
    DisableSignatureValidation = "false"
    DisableSignatureCertValidation = "false"
  />
  <mobileIdAdfs
    AdAttrMobile = "mobile"
    AdAttrMidSerialNumber = "serialNumber"
    ShowDebugMsg = "true"
    LoginPrompt.en = "Demo Login with mobileID? Session ID (#TransId#)"
    LoginPrompt.de = "Demo Login mit mobileID? Session ID (#TransId#)"
    LoginPrompt.fr = "Demo Login avec mobileID? Session ID (#TransId#)"
    LoginPrompt.it = "Demo Login con mobileID? Session ID (#TransId#)"
  />
</appConfig>

If DisableSignatureCertValidation is set to true, no chain validation is performed, even if SslRootCaCertFiles is configured.

v1.2.0.0 for Windows Server 2012 R2

10 Dec 11:38
2ab2452

Initial Release - v1.2.0.0 for Windows Server 2012 R2