<MetadataFilter xsi:type="SignatureValidation" requireSignedRoot="true">
<security:TrustEngine id="SignerTrustEngine" xsi:type="security:StaticExplicitKeySignature">
<security:Credential id="SignerCredential_1" xsi:type="security:X509ResourceBacked">
<security:Certificate>${idp.home}/credentials/signer1.pem</security:Certificate>
</security:Credential>
<security:Credential id="SignerCredential_2" xsi:type="security:X509ResourceBacked">
<security:Certificate>${idp.home}/credentials/signer2.pem</security:Certificate>
</security:Credential>
</security:TrustEngine>
</MetadataFilter> |