Skip to main content
OCLC Support

How do I generate metadata for SAML connection to EZproxy?

  • Metadata required to complete a SAML connection to EZproxy
Applies to
  • EZproxy - All versions

Use the following steps and recommendations to create a metadata file to complete a SAML connection with EZproxy.

  1. Create a Self-Signed certificate from the EZproxy Administration page.
    • Login to EZproxy Administration page
    • Click Manage SSL
    • Create a new SSL Certificate
    • Complete all the fields for contact information
    • Select " radio button (a wildcard certificate is not required)
    • Extend the expiration to 10 years from the dropdown
    • Click Self Signed create button
    • DO NOT Activate this certificate, an active certificate is not required to complete the connection.
  2. From the Administration page select Manage SSL (https) certificates
  3. Select the number of the self signed certificate created (see additional information)
  4. Select the certificate with the SAML options you would like available
    • View PEM version of this certificate
    • View Shibboleth metadata for this certificate without Single Logout enabled
    • View Shibboleth metadata for this certificate with Single Logout enabled
  5. Verify the EntityID in the metadata matches your EZproxy server.  This will be one of the first values in the file  (This value is the -entityID= from the shibboleth metadata block in the config.txt)  
  6. Save the metadata to a .xml file for use on the SAML server.
Additional information

It is recommended that a Self-Signed certificate is used to create the connection because the certificate has no cost and can be set to expire in 10 years so the configuration does not have to be updated annually or biannually when the domain certificate expires.  If you would like to use your standard certificate skip to step 3.


Page ID