Shib v3 x509 certificate

Ramaiah, Vanna G. ramaiah at
Mon Jul 2 16:31:55 EDT 2018

I am working on installing Idp 3 and have questions on what type of x.509 certificates to be used.
Can we have self-signed X.509 certificates(10 yr validity) for Shibboleth Idp or should that be registered (2 yr)? I am afraid that if I  roll-out 2 year validity certificate, I need to work with SPs to get the certificate changed every 2 years.
Also, what do the SPs/ Incommon usually trust in general?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list