Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
Next revisionBoth sides next revision
en:production [2020/04/08 08:36] Wolfgang Pempeen:production [2020/10/01 09:27] Wolfgang Pempe
Line 58: Line 58:
                   maxRefreshDelay="PT2H">                   maxRefreshDelay="PT2H">
             <MetadataFilter xsi:type="SignatureValidation" requireSignedRoot="true"             <MetadataFilter xsi:type="SignatureValidation" requireSignedRoot="true"
-                  certificateFile="/etc/ssl/aai/dfn-aai.g2.pem"/>+                  certificateFile="/etc/ssl/aai/dfn-aai.pem"/>
     </MetadataProvider>     </MetadataProvider>
          
Line 68: Line 68:
                   maxRefreshDelay="PT2H">                   maxRefreshDelay="PT2H">
             <MetadataFilter xsi:type="SignatureValidation" requireSignedRoot="true"             <MetadataFilter xsi:type="SignatureValidation" requireSignedRoot="true"
-                  certificateFile="/etc/ssl/aai/dfn-aai.g2.pem"/>+                  certificateFile="/etc/ssl/aai/dfn-aai.pem"/>
     </MetadataProvider>     </MetadataProvider>
  
Line 83: Line 83:
       uri="http://www.aai.dfn.de/fileadmin/metadata/dfn-aai-basic-metadata.xml"       uri="http://www.aai.dfn.de/fileadmin/metadata/dfn-aai-basic-metadata.xml"
       backingFilePath="dfn-aai-basic-metadata.xml" reloadInterval="3600">       backingFilePath="dfn-aai-basic-metadata.xml" reloadInterval="3600">
-   <MetadataFilter type="Signature" certificate="/etc/ssl/aai/dfn-aai.g2.pem" />+   <MetadataFilter type="Signature" certificate="/etc/ssl/aai/dfn-aai.pem" />
    <MetadataFilter type="EntityRoleWhiteList">    <MetadataFilter type="EntityRoleWhiteList">
        <RetainedRole>md:IDPSSODescriptor</RetainedRole>        <RetainedRole>md:IDPSSODescriptor</RetainedRole>
Line 92: Line 92:
       uri="http://www.aai.dfn.de/fileadmin/metadata/dfn-aai-edugain+idp-metadata.xml"       uri="http://www.aai.dfn.de/fileadmin/metadata/dfn-aai-edugain+idp-metadata.xml"
       backingFilePath="dfn-aai-edugain+idp-metadata.xml" reloadInterval="3600">       backingFilePath="dfn-aai-edugain+idp-metadata.xml" reloadInterval="3600">
-   <MetadataFilter type="Signature" certificate="/etc/ssl/aai/dfn-aai.g2.pem" />+   <MetadataFilter type="Signature" certificate="/etc/ssl/aai/dfn-aai.pem" />
    <MetadataFilter type="Blacklist" matcher="EntityAttributes">    <MetadataFilter type="Blacklist" matcher="EntityAttributes">
        <saml:Attribute Name="http://macedir.org/entity-category"         <saml:Attribute Name="http://macedir.org/entity-category" 
Line 113: Line 113:
 ==== Central Discovery Service ==== ==== Central Discovery Service ====
  
-In case no SP-specific and/or [[de:shibeds|Embedded Discovery Service]] can be implemented, we provide a centralized+In case no SP-specific and/or [[de:shibsp#shibboleth_eds_embedded_discovery_service|Embedded Discovery Service]] can be implemented, we provide a centralized
 discovery service as a fall-back. An **SP** can choose between several central discovery URLs in accordance with its MetadataProvider configuration (see above). So-called "Local SPs" that are intended for internal use only (e.g. campus management), should refer to the Entity ID of the IdP of the Home Organization (see also [[de:metadata_local|Local Metadata]]). discovery service as a fall-back. An **SP** can choose between several central discovery URLs in accordance with its MetadataProvider configuration (see above). So-called "Local SPs" that are intended for internal use only (e.g. campus management), should refer to the Entity ID of the IdP of the Home Organization (see also [[de:metadata_local|Local Metadata]]).
  
  • Last modified: 16 months ago