Page Comparison

...

• the attribute defaultSigningCredentialRef located on a RelyingParty element
• the attribute signingCredentialRef located on a ProfileConfiguration element
  As you may have guessed, the defaultSigningCredentialRef attribute is used to specify a default signing credential for every profile configuration contained with the RelyingParty while the signingCredentialRef attribute is used to specify a signing credential only for the ProfileConfiguration upon which it appears and it always overrides a default signing credential if one is specified. The value for both attributes is the ID of a credential defined within the $IDP_HOME/conf/relying-party.xml file. Note: the referenced credentials MUST contain a private key as this is what is actually used to sign the XML.

...