Differences

This shows you the differences between two versions of the page.

--- en:certificates [2017/12/04 15:51] – [The SSL certificate chain on your webserver] Silke Meyer
+++ en:certificates [2017/12/04 15:57] – Wolfgang Pempe
@@ Line 2: / Line 2: @@
 In the context of SAML-based communication between IdP and SP, certificates are used for purposes of signature validation and encryption. Those certificates must be registered for the respective entity using the [[en:metadata_admin_tool|metadata administration tool]].
-**The general rule is:** Entities with invalid (that is expired or revoked) certificates are automatically removed from the productive DFN-AAI federation!
+**The general rule is:** Entities with invalid (i.e. expired or revoked) certificates are automatically removed from the productive DFN-AAI federation!
 ===== Information for Identity Providers / Attribute Authorities =====
 Cf. [[de:shibidp3prepare-zert#dfn-pki-zertifikate|Vorbereitung: Zertifikate]]
 ===== Information for Service Providers =====
-All certificates and the respective private keys used for SAML-based communication have to be add to your SP's configuration, no matter which of the options mentioned below you choose. With Shibboleth SP this is the ''CredentialResolver'' element in /etc/shibboleth/shibboleth2.xml (see [[https://wiki.aai.dfn.de/de:shibsp|Shibboleth SP (de)]]).
+All certificates and the respective private keys used for SAML-based communication have to be added to your SP's configuration, no matter which of the options mentioned below you choose. With Shibboleth SP this is the ''CredentialResolver'' element in /etc/shibboleth/shibboleth2.xml (see [[https://wiki.aai.dfn.de/de:shibsp|Shibboleth SP (de)]]).
 ==== DFN-PKI Certificates ====