...
if you're trying to load very large SAML 2.0 Metadata (e.g. the size of InCommon or eduGAIN) you may need to increase the startup timeout systemd applies before it kills off shibd and tries to start it again (which is pointless since parsing/signature-validating that metadata won't be any faster the next time). This can be done by setting TimeoutStartSec to a rather large (r) value – adjusting the actual timeout value as needed – see below for a value, e.g. 2h (or infinite , to disable the startup timeout functionality) for InCommon/eduGAIN-sized metadata. See below for an example or the systemd.service documentation.
| Code Block | ||||
|---|---|---|---|---|
| ||||
echo -e '[Service]\nTimeoutStartSec=30m30min' | sudo tee /etc/systemd/system/shibd.service.d/timeout.conf sudo systemctl daemon-reload |