Removing Certs from Metadata
trscavo at gmail.com
Mon Nov 28 18:36:53 GMT 2011
On Mon, Nov 28, 2011 at 1:27 PM, Zmuda, Matthew R
<Matthew.R.Zmuda at td.com> wrote:
> As per our process we install new certs on a fairly regular basis. So it would be nice to simply deploy the public cert 1 time to our server and have the relaying-party.xml and idp-metadata.xml pick up the change without any copy and paste. Not a big deal I suppose.
Now we're getting to the crux of the matter, I think. Certificates are
included in metadata and metadata is shared with federation partners,
so the proper way to replace old certificates with new certificates
depends on how you share metadata.
More information about the users