Versions Compared

Old Version 9

changes.mady.by.user trscavo@internet2.edu

Saved on

compared with

New Version 10

changes.mady.by.user Scott Cantor

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
xml
xml
<CredentialResolver type="File" key="new-key.pem" certificate="new-cert.pem"/>

...

Note

The above examples are not meant to be taken literally. If your files go by different names, live in non-default locations, then you will obviously need to adust. Also take care as to whether one or both of your private keys has been encrypted on disk. You may need to supply a password attribute in your elements to load the key. In all cases CHECK YOUR LOGS any time you are manipulating keys. You MUST ensure that all keys are loading correctly and that no errors are being logged during normal use.

The above process is suitable for cases in which the metadata's <md:KeyDescriptor> elements do not carry a use XML attribute and there is no opportunity to introduce such a use attribute into metadata. Other approaches may be more suitable for non-Shibboleth implementations.

...