reflecting the CredentialResolver in generated metadata

Tom Scavo trscavo at gmail.com
Tue Apr 22 11:17:50 EDT 2014


Just a reality check...

Does the Shibboleth SP Metadata Generation Handler accurately reflect
the configured CredentialResolver? In particular, if the
CredentialResolver looks like this:

<CredentialResolver type="Chaining">
  <CredentialResolver type="File" key="new-key.pem"
certificate="new-cert.pem" use="encryption"/>
  <CredentialResolver type="File" key="sp-key.pem" certificate="sp-cert.pem"/>
</CredentialResolver>

will the generated metadata contain two key descriptors, one with
use="encryption" and one with no 'use' XML attribute?

Thanks,

Tom


More information about the users mailing list