Removing Certs from Metadata
Cantor, Scott
cantor.2 at osu.edu
Mon Nov 28 18:35:20 GMT 2011
On 11/28/11 1:27 PM, "Zmuda, Matthew R" <Matthew.R.Zmuda at td.com> wrote:
>
>As per our process we install new certs on a fairly regular basis. So it
>would be nice to simply deploy the public cert 1 time to our server and
>have the relying-party.xml and idp-metadata.xml pick up the change
>without any copy and paste. Not a big deal I suppose.
You shouldn't be using certs that change on a constant basis for SAML. The
idp-metadata.xml file isn't relevant anyway. You would need to deal with
any federation(s) to whom you supply metadata. You can't do that by
changing a local setting. That's yet another reason why it shouldn't be
done often.
-- Scott