Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
en:metadata [2019/05/23 07:43]
Wolfgang Pempe
en:metadata [2020/03/27 11:48] (current)
Wolfgang Pempe [Additional Information]
Line 1: Line 1:
 ====== Metadata ====== ====== Metadata ======
- +<callout type="​primary"​ title="​Important Notes">​ 
-==== DFN-PKI Generation 2 Certificate for Signature Validation (new) ==== +  * These URLs are case-sensitive, i.e. lower case is important! 
- +  * HTTPS is supported. 
-<wrap important round>**Achtung** +  * Please refer to [[en:​production#​metadataprovider|this page]] for configuration examples for Shibboleth IdP und SP. 
- +</callout>
-These links are case-sensitive! Please switch to lower-case only! HTTPS is supported. +
- +
-</wrap>+
  
 The signed metadata of the **DFN-AAI Test Federation:​** \\ The signed metadata of the **DFN-AAI Test Federation:​** \\
Line 29: Line 26:
 **Local metadata:** [[http://​www.aai.dfn.de/​fileadmin/​metadata/​dfn-aai-local-999-metadata.xml|http://​www.aai.dfn.de/​fileadmin/​metadata/​dfn-aai-local-999-metadata.xml]] ("​999"​ has to be replaced with an organization-specific number. Please refer to [[:​de:​metadata_local|Lokale Metadaten]]) **Local metadata:** [[http://​www.aai.dfn.de/​fileadmin/​metadata/​dfn-aai-local-999-metadata.xml|http://​www.aai.dfn.de/​fileadmin/​metadata/​dfn-aai-local-999-metadata.xml]] ("​999"​ has to be replaced with an organization-specific number. Please refer to [[:​de:​metadata_local|Lokale Metadaten]])
  
-The **DFN-AAI certificate** (PEM format) ​for validating the signature(s) of DFN-AAI metadata (SHA256 ​fingerprintD4:1A:66:79:E0:2A:05:BF:8A:2C:CA:24:6D:97:C1:CB:29:B8:53:ED:30:D8:C9:70:91:4F:92:E2:70:C2:8D:36):\\ +**Certificate ​for validating the signature(s) of DFN-AAI metadata** (PEM format) \\ 
-[[https://​www.aai.dfn.de/​fileadmin/​metadata/​dfn-aai.g2.pem|https://​www.aai.dfn.de/​fileadmin/​metadata/​dfn-aai.g2.pem]] +SHA256 ​Fingerprint77:2D:24:F6:3F:5F:76:DD:F8:B5:7E:69:59:8D:25:33:BA:99:BB:15:01:CB:6C:B3:5D:A9:1A:85:2E:AB:EE:5F \\ 
- +https://​www.aai.dfn.de/​fileadmin/​metadata/​dfn-aai.pem ​
-<wrap important round>​**Important** +
- +
-Please refer to [[de:​production#​metadataprovider|this page]] for configuration examples for Shibboleth IdP und SP. +
- +
-</​wrap>​ +
- +
-==== DFN-PKI Generation 1 Certificate for Signature Validation (old) ==== +
-<callout type="​danger"​ title="​Warning">​ +
-**The end of life of DFN-PKI Generation 1 [[https://​blog.pki.dfn.de/​2018/​12/​ablauf-der-alten-generation-1-der-dfn-pki-global/​|is scheduled for 2019-07-09!]] \\ +
-Only use Generation 2 metadata URLs! (see above)** ​  +
-</​callout>​ +
-<​del>​The signed metadata of the **DFN-AAI Test Federation:​** \\ +
-[[http://​www.aai.dfn.de/​fileadmin/​metadata/​DFN-AAI-Test-metadata.xml|http://​www.aai.dfn.de/​fileadmin/​metadata/​DFN-AAI-Test-metadata.xml]] +
- +
-The signed metadata of the **DFN-AAI Basic Federation:​** (file comprises all DFN-AAI production IdPs)\\ +
-[[http://​www.aai.dfn.de/​fileadmin/​metadata/​DFN-AAI-Basic-metadata.xml|http://​www.aai.dfn.de/​fileadmin/​metadata/​DFN-AAI-Basic-metadata.xml]] +
- +
-The signed metadata of the **DFN-AAI Advanced Federation:​** \\ +
-[[http://​www.aai.dfn.de/​fileadmin/​metadata/​DFN-AAI-metadata.xml|http://​www.aai.dfn.de/​fileadmin/​metadata/​DFN-AAI-metadata.xml]] +
- +
-Signed metadata file with all production **Service Providers in DFN-AAI (for IdPs):** \\ +
-[[http://​www.aai.dfn.de/​fileadmin/​metadata/​DFN-AAI-sp-metadata.xml|http://​www.aai.dfn.de/​fileadmin/​metadata/​DFN-AAI-sp-metadata.xml]] +
- +
-The signed metadata for participation of **IdPs in [[:​de:​edugain|eduGAIN]]** (file comprises all SPs available via eduGAIN):​\\ +
-[[http://​www.aai.dfn.de/​fileadmin/​metadata/​DFN-AAI-eduGAIN+sp-metadata.xml|http://​www.aai.dfn.de/​fileadmin/​metadata/​DFN-AAI-eduGAIN+sp-metadata.xml]] +
- +
-The signed metadata for participation of **SPs in [[:​de:​edugain|eduGAIN]]** (file comprises all IdPs available via eduGAIN):​\\ +
-[[http://​www.aai.dfn.de/​fileadmin/​metadata/​DFN-AAI-eduGAIN+idp-metadata.xml|http://​www.aai.dfn.de/​fileadmin/​metadata/​DFN-AAI-eduGAIN+idp-metadata.xml]]+
  
-**Local metadata:** [[http://​www.aai.dfn.de/​fileadmin/​metadata/​DFN-AAI-Local-999-metadata.xml|http://​www.aai.dfn.de/​fileadmin/​metadata/​DFN-AAI-Local-999-metadata.xml]] ("​999"​ has to be replaced with an organization-specific number. Please refer to [[:​de:​metadata_local|Lokale Metadaten]]) 
  
-The **DFN-AAI certificate** (PEM format) for validating the signature(s) of DFN-AAI metadata (SHA256 fingerprint:​ D3:​3E:​0F:​3C:​C9:​43:​1F:​A0:​0C:​14:​97:​86:​30:​E3:​5F:​72:​39:​56:​2C:​98:​85:​69:​2D:​52:​63:​1C:​86:​78:​35:​90:​4F:​5C):​\\ 
-[[https://​www.aai.dfn.de/​fileadmin/​metadata/​dfn-aai.pem|https://​www.aai.dfn.de/​fileadmin/​metadata/​dfn-aai.pem]]\\ 
-fingerprint after March 20, 2017: 7B:​44:​E1:​64:​B4:​6C:​46:​7D:​82:​07:​BC:​C1:​BB:​30:​B8:​64:​11:​2B:​D2:​73:​09:​47:​32:​CC:​B2:​20:​2E:​4A:​33:​5C:​92:​64 
-</​del>​ 
 ==== Additional Information ==== ==== Additional Information ====
  
-For the difference between the "​Advanced"​ and "​Basic"​ federations/​metadata please refer to the explanatory notes on the [[https://​www.aai.dfn.de/​en/​der-dienst/​degrees-of-reliance/​|Degrees of Reliance]]. For configuration examples cf. [[:de:​production|'​Produktionsbetrieb'​]] ​and [[:​de:​shibidp3config-metadata|Shib IdP 3.x metadata configuration]].+For the difference between the "​Advanced"​ and "​Basic"​ federations/​metadata please refer to the explanatory notes on the [[https://​www.aai.dfn.de/​en/​der-dienst/​degrees-of-reliance/​|Degrees of Reliance]]. For configuration examples cf. [[:en:​production|'​Production Environment']][[:​de:​shibidp3config-metadata|Shib IdP 3.x]] and [[de:​shibsp#​shibboleth_sp_3x|Shib SP 3.x]] metadata configuration.
  
  
  • Last modified: 12 months ago