...
- `KeyName` - A name, or reference, for this credential which may be used in place of the larger expanded form in some use cases. Multiple `KeyName` elements are allowed.
- `PrivateKey` - The private key for the credential; only one `PrivateKey` element is allowed. The `PrivateKey` element may include a `password` attribute with the decryption password for the key.
- `Certificate` - The public certificate, or a certificate in the trust chain, for this credential. Each `Certificate` element may contain more than one encoded certificate and more than one `Certificate` element may be used. A `Certificate` element may contain the `entityCertificate` boolean attribute to indicate that the given certificate is the entity certificate for this credential.
- `CRL` - A CRL for this credential. Multiple `CRL` elements are allowed.

```xml
<!-- MetadataProvider element above this point -->

<Credential xsi:type="X509Inline" xmlns="urn:mace:shibboleth:2.0:security" id="MyCredential">
    <KeyName>key.example.org</KeyName>
    <PrivateKey password="myKeyPa$$word">
        <!-- Some DER, PEM, or PKCS 8 encoded key -->
    </PrivateKey>
    <Certificate>
        <!-- Some DER or PEM encoded cert -->
    </Certificate>
</Credential>
```
...
- `KeyName` - A name, or reference, for this credential which may be used in place of the larger expanded form in some use cases. Multiple `KeyName` elements are allowed.
- `PrivateKey` - The private key file for the credential; only one `PrivateKey` element is allowed. The `PrivateKey` element may include a `password` attribute with the decryption password for the key.
- `Certificate` - A public certificate file, or a certificate in the trust chain, for this credential. Each `Certificate` element may contain more than one encoded certificate and more than one `Certificate` element may be used. A `Certificate` element may contain the `entityCertificate` boolean attribute to indicate that the given certificate is the entity certificate for this credential.
- `CRL` - A CRL file for this credential. Multiple `CRL` elements are allowed.

```xml
<!-- MetadataProvider element above this point -->

<Credential xsi:type="X509Filesystem" xmlns="urn:mace:shibboleth:2.0:security" id="MyCredential">
    <KeyName>key.example.org</KeyName>
    <PrivateKey password="myKeyPa$$word">/path/to/my/private.key</PrivateKey>
    <Certificate>/path/to/my/public.crt</Certificate>
</Credential>
```
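
Because the `password` attribute holds the key's decryption password in cleartext, the configuration file needs the same protection as the key itself, and `X509Filesystem` key files need restrictive permissions. The audit sketch below is an added example, not part of the Shibboleth documentation or code base; the `Wrapper` root element, the credential ids and the function name `audit_credentials` are assumptions made for the example.

```python
import os
import stat
import xml.etree.ElementTree as ET

SEC_NS = "urn:mace:shibboleth:2.0:security"
XSI_TYPE = "{http://www.w3.org/2001/XMLSchema-instance}type"

# Constructed sample: a hypothetical Wrapper root that declares the xsi
# prefix, holding the two credential forms shown on this page.
SAMPLE = """<Wrapper xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <Credential xsi:type="X509Inline" xmlns="urn:mace:shibboleth:2.0:security" id="InlineCred">
    <PrivateKey password="myKeyPa$$word">(key material)</PrivateKey>
  </Credential>
  <Credential xsi:type="X509Filesystem" xmlns="urn:mace:shibboleth:2.0:security" id="FileCred">
    <PrivateKey>/path/to/my/private.key</PrivateKey>
  </Credential>
</Wrapper>"""


def audit_credentials(xml_text):
    """Return sorted (credential id, finding) pairs for the configuration text."""
    findings = []
    root = ET.fromstring(xml_text)
    for cred in root.iter(f"{{{SEC_NS}}}Credential"):
        cid = cred.get("id", "?")
        ctype = cred.get(XSI_TYPE, "").split(":")[-1]  # tolerate a prefixed type
        for key in cred.findall(f"{{{SEC_NS}}}PrivateKey"):
            if key.get("password") is not None:
                findings.append((cid, "key password stored in cleartext in config"))
            if ctype == "X509Inline":
                findings.append((cid, "private key embedded in config"))
            elif ctype == "X509Filesystem":
                path = (key.text or "").strip()
                try:
                    mode = stat.S_IMODE(os.stat(path).st_mode)
                except OSError:
                    findings.append((cid, f"key file missing or unreadable: {path}"))
                    continue
                if mode & (stat.S_IRWXG | stat.S_IRWXO):
                    findings.append((cid, f"key file mode {mode:o} allows group/other access"))
    return sorted(findings)


if __name__ == "__main__":
    for cid, finding in audit_credentials(SAMPLE):
        print(f"{cid}: {finding}")
```

Any finding on a `password` attribute or an inline key means the configuration file itself should be readable only by the account the service runs as.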