StartTLSTrustCredential> element specifies X.509 trust information to use when connecting to a directory over LDAPS or startTLS. This is a targeted alternative to the more typical strategy of loading trust anchors into the global JVM cacert keystore.
Schema Name and Location
This element is defined by the
urn:mace:shibboleth:2.0:resolver schema, which is located at http://shibboleth.net/schema/idp/shibboleth-attribute-resolver.xsd.
xsi:type of the credential referenced is usually defined by the
urn:mace:shibboleth:2.0:security schema, which is located at http://shibboleth.net/schema/idp/shibboleth-security.xsd.
Note that this namespace has not been collapsed into the
Attributes may only be provided if required by the specific credential type.
Child elements may only be provided if required by the specific credential type.
Credential types are distinguished by their
xsi:type. Some of the typical types used with this element are:
See the Credentials topic for details on configuring credentials of various types.
<dc:StartTLSTrustCredential id="LDAPtoIdPCredential" xsi:type="sec:X509ResourceBacked">