--base64EncodeOutput
. This will Base64 encode the signed document, which will eliminate errors caused by unintentional XML reformatting (the most common cause of signature problems).regexp
XML attribute on the Shibboleth <Scope>
extension element). If such an attribute is omitted from an otherwise schema-valid XML document, this may result in verification failures for verifiers that perform schema validation. To mitigate this issue, ensure that all such attributes have explicit values in the document to be signed.JVMOPTS="-Xmx1.5G" ...xmlsectool --sign ... |