I wanted to set up Sharefile with SAML Authentication with NetScaler Unified Gateway in my little Demo-/Testenvironment.
I found a useful manual with in the blog of Jason Samuel (Link)
Other than in his article descriped I don’t use an AAA vServer. I use a NetScaler Gateway vServer for the authentication.
After start I failed while testing, until I found a pit within the Sharefile Control Plane with my colleague.
After all settings are done and saved, you should not click “SAVE” again, because with that a new SP certificate will generated:
You should not activate the Web-Authetication because then the plugins will not work properly (the Website is shown within the plugins instead the origin function).
For the case that you don’t want to renew your own SAML certificate to often, you can create the IDP (x.509) certificate with your own CA with a longer expiration period. The FQDN must not be the same like the FQDN of the IDP:
Source: www.jasonsamuel.com
Script: NS-Sharefile