Search for	Example	Results
A single word	`cat`	Topics that contain the word "cat". You will also find its grammatical variations, such as "cats".
A phrase. You can specify that the search results contain a specific phrase.	`"cat food"` (quotation marks)	Topics that contain the literal phrase "cat food" and all its grammatical variations. Without the quotation marks, the query is equivalent to specifying an OR operator, which finds topics with one of the individual words instead of the phrase.

Search for	Operator	Example
Two or more words in the same topic	`AND` `and` `+` (plus symbol) `&` (ampersand)	`cat AND dog` `"cat food"+milk` `"cat food"&"dog food"`
Either word in a topic	`OR` `or` `\|` (pipe)	`cat OR dog` `cat \| dog`
Topics that do not contain a specific word or phrase	`NOT` `not` `!` (exclamation point)	`NOT cat` `! dog`
Topics that contain one string and do not contain another	`^` (caret)	`cat ^ mouse`
A combination of search types	`( )` parentheses	`cat + (dog \| mouse)` `cat \| dog + (! mouse)`

Service Manager9.51

Administer > System security > SAML Single Sign-On > SAML Single Sign-On setup > Create an IdM client trust store

Create an IdM client trust store

Each IdM client can connect to the IdM server over https or http. If you want to use https, you need to specify whether and how the IdM client should verify the IdM server certificate. The SAML SSO solution provides two options:

Trust all https servers
Trust only servers whose public key is contained in the client trust store

Trust all https servers

If this option is used, the IdM client will skip https server verification and trust all https servers, including the IdM server. This option simplifies the SAML SSO setup procedure but does not provide the best security. It is therefore not recommended for production environments. You can use this option for testing and demonstration purposes.

To use this option, on the SM web tier, SRC, or Mobility Client side, set the idm.ssl.trustAll paramter to true (default: false). For details, see SAML Single Sign-On setup.

Trust only servers whose public key is contained in the client trust store

This option provides the best security and is therefore strongly recommended for production environments.

When the IdM client connects to the IdM server over https, this option requires you to configure the IdM client so that it trusts the IdM server only when the server's public key is contained in the client's trust keystore. If the IdM server is deployed as https, you need to create a trust keystore locally for the IdM client and import the IdM server's public key into the trust keystore.

To use this option, perform the following steps:

Create a trust store (that is, a trusted keystore) for each IdM client (SM web tier, SRC, or Mobility Client). For example, create a trust store file named trustStore.keystore. This step includes generating a keystore file and importing the public key of the IdM server certificate into this keystore.

For details, see Install and configure the HPE Identity Manager service.
Copy the trust store file to a directory on the SM web tier, SRC, or Mobility Client host. For example, copy it to their WEB-INF\ folder.
On the SM web tier, SRC, or Mobility Client side, set the idm.ssl.trustAll paramter to false (default) and configure the IdM trust store file and password in the idm.truststore and idm.truststore.password parameters.

For details, see SAML Single Sign-On setup.

Send Help Center feedback