Comment: Migrated to Confluence 5.3

...

  • KeyName - A name, or reference, for this credential which may be used in place of the larger expanded form in some use cases. Multiple KeyName elements are allowed.
  • PrivateKey - The private key for the credential; only one PrivateKey element is allowed. The PrivateKey element may include a password attribute with the decryption password for the key.
  • Certificate - The public certificate, or a certificate in the trust chain, for this credential. Each Certificate element may contain more than one encoded certificate and more than one Certificate element may be used. A Certificate element may contain the entityCertificate boolean attribute to indicate that the given certificate is the entity certificate for this credential.
  • CRL - A CRL for this credential. Multiple CRL elements are allowed.

Example Inline X.509 Credential Configuration

<!-- MetadataProvider element above this point -->
<Credential xsi:type="X509Inline" xmlns="urn:mace:shibboleth:2.0:security"
                      id="MyCredential">

   <KeyName>key.example.org</KeyName>

   <PrivateKey password="myKeyPa$$word">
      <!-- Some DER, PEM, or PKCS 8 encoded key -->
   </PrivateKey>

   <Certificate>
      <!-- Some DER or PEM encoded cert -->
   </Certificate>
  
</Credential>

...

  • KeyName - A name, or reference, for this credential which may be used in place of the larger expanded form in some use cases. Multiple KeyName elements are allowed.
  • PrivateKey - The private key file for the credential; only one PrivateKey element is allowed. The PrivateKey element may include a password attribute with the decryption password for the key.
  • Certificate - A public certificate file, or a certificate in the trust chain, for this credential. Each Certificate element may contain more than one encoded certificate and more than one Certificate element may be used. A Certificate element may contain the entityCertificate boolean attribute to indicate that the given certificate is the entity certificate for this credential.
  • CRL - A CRL file for this credential. Multiple CRL elements are allowed.

Example Filesystem X.509 Credential Configuration

<!-- MetadataProvider element above this point -->
<Credential xsi:type="X509Filesystem" xmlns="urn:mace:shibboleth:2.0:security"
                      id="MyCredential">

   <KeyName>key.example.org</KeyName>

   <PrivateKey password="myKeyPa$$word">/path/to/my/private.key</PrivateKey>

   <Certificate>/path/to/my/public.crt</Certificate>
  
</Credential>
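
An added example (not part of the original page or of the Shibboleth code base): a small Python audit that parses Credential elements and checks the points both element lists above make, namely that only one PrivateKey is allowed, whether a key password or inline key material sits in the configuration file, and whether an X509Filesystem key file is accessible beyond its owner. The Wrapper root element, the finding strings and the 0o077 permission threshold are assumptions made for this example.

```python
import os
import stat
import xml.etree.ElementTree as ET

SEC = "{urn:mace:shibboleth:2.0:security}"
XSI_TYPE = "{http://www.w3.org/2001/XMLSchema-instance}type"

# Constructed sample: the page's filesystem example inside a hypothetical
# wrapper element that declares the xsi prefix so the fragment parses alone.
SAMPLE = """<Wrapper xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<Credential xsi:type="X509Filesystem" xmlns="urn:mace:shibboleth:2.0:security"
            id="MyCredential">
   <KeyName>key.example.org</KeyName>
   <PrivateKey password="myKeyPa$$word">/path/to/my/private.key</PrivateKey>
   <Certificate>/path/to/my/public.crt</Certificate>
</Credential>
</Wrapper>"""

def audit_credentials(xml_text, stat_fn=os.stat):
    """Return (credential id, finding) tuples for a parsed configuration."""
    findings = []
    for cred in ET.fromstring(xml_text).iter(SEC + "Credential"):
        cid = cred.get("id", "<no id>")
        ctype = cred.get(XSI_TYPE, "").split(":")[-1]
        keys = cred.findall(SEC + "PrivateKey")
        if len(keys) > 1:  # the page allows only one PrivateKey element
            findings.append((cid, "more than one PrivateKey element"))
        for key in keys:
            if key.get("password") is not None:
                findings.append((cid, "key password stored in configuration"))
            if ctype == "X509Inline":
                findings.append((cid, "private key embedded in configuration"))
            elif ctype == "X509Filesystem":
                path = (key.text or "").strip()
                try:
                    mode = stat.S_IMODE(stat_fn(path).st_mode)
                except OSError:
                    findings.append((cid, "private key file not found: " + path))
                    continue
                if mode & 0o077:  # any group/other permission bit set
                    findings.append((cid, "private key file mode %o too open" % mode))
    return findings

if __name__ == "__main__":
    for cid, finding in audit_credentials(SAMPLE):
        print(cid, "-", finding)
```

The stat_fn parameter exists so the permission check can be exercised without touching the real filesystem; by default it uses os.stat on the configured path.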