I'm using sample project for Windows Phone that comes from "A Guide to Claims-based Identity and Access Control (2.0)".
I chapter 7 of the sample code there is a "web.config" file that is associated with the "f-Shipping.7" web site that has several references to "Thumbprint". This section has to do with "Federated Authentication" configuration of the code is here below:
<federatedAuthentication><wsFederation passiveRedirectEnabled="false" issuer="https://xxxxxxxxx.accesscontrol.windows.net/v2/wsfederation" realm="https://localhost:44702/f-Shipping.7/FederationResult" homeRealm="http://tenant-to-be-replaced" requireHttps="true" /><cookieHandler requireSsl="true" path="/f-Shipping.7/" /></federatedAuthentication><issuerNameRegistry type="Microsoft.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"><trustedIssuers><!-- ACS issuer certificate --><add thumbprint="830C708C76B9E261CF43D96EB60F87DF59B0CB72" name="https://xxxxxxxxx.accesscontrol.windows.net/" /></trustedIssuers></issuerNameRegistry><serviceCertificate><certificateReference x509FindType="FindByThumbprint" findValue="5a074d678466f59dbd063d1a98b1791474723365" /></serviceCertificate>
My question has to do with references to Thumbprints. Where it says "<!-- ACS issuer certificate -->" in the code above whatcertificate is this referring to? Is it the certificate provided byWindows Azure ACS service or is this referring to the "localhost"certificate thumb print (this is most confusing).
In the node "<serviceCertificate>" does the "findValue=5a074d678466f59dbd063d1a98b1791474723365" refer to a ACS certificate provided by Windows Azure, a localhost certificate or some other certificate that I'm not understanding the reference to?
Any help understanding what these certificate references refer to would be greatly appreciated.
Edward Walker