CheckForUpdates

The update command allows you to check to see whether an update is available for the IdP.

By default this will display whether the IdP can be updated:

$ ./update.sh INFO - No Upgrade available from 5.0.0

If a new version is available it will be announced:

$ ./update.sh INFO - Version 5.0.0 can be upgraded to 5.1.0

The updated distribution can be downloaded using the -d qualifier. Downloaded files are signature checked against the current Shibboleth PGP_KEYS file but, as for the plugin installer, you have to accept the offered key (which you are expected to independently validate). The keystore of trusted signatures can be overridden on the command line, but defaults to %{idp.home}/credentials/net.shibboleth.idp/

Command Line Options

By defaut (no qualifiers) a check of the current version is made.

Short

Long

Type

Description

Short

Long

Type

Description

-l

-list

 

List versions available

-d

--downloadDir

Path

If an upgrade is available download and signature check it

-fd

--forceDownload

Version string

Download the distribution for the provided version even if it isn’t an available update (required -d)

The following are for advanced use:

 

--truststore

Path to a GPG key ring

Path to the (non default) trust store file used check the signature

 

--updateURL

URL

Location to get the update information

 

 --verbose

 

Verbose logging

 

--quiet

 

Quiet logging

 

--logConfig

Path to logback configuration

Specify a file to use to control the logging of the plugin command

 

--version

 

Output the version of the plugin command

-hc

--http-client

Bean ID

Allows specification of an HTTP client bean used to download updates (or perform any related Module operation).

For details on wiring up a client bean, refer to the HttpClientConfiguration topic.

-hs

--http-security

Bean ID

Allows security customization of the HTTP operation(s).

Additionally a set of Spring resource files can be supplied to provide the configuration for the last two qualifiers.