Reloading local SP data sealer keys

Wessel, Keith kwessel at illinois.edu
Mon Oct 8 12:41:07 EDT 2018


Hi, all,

We're having some trouble getting the data sealer key to automatically reload upon file change in the SP. We see this on SP start-up:

shibd_1    | sp-shibd 2018-10-08 15:23:51 INFO XMLTooling.DataSealer : change detected, reloading local resource...
shibd_1    | sp-shibd 2018-10-08 15:23:51 INFO XMLTooling.DataSealer : loading secret keys from local file (/var/shib-keys/keys)

But changing the file later doesn't cause any logging about a reload. We have reloadChanges set implicitly to its default and don't have a reload interval set since, from the docs, that seems to be for loading from a remote resource which we aren't.

With logging turned up to debug, we also see this rather strange entry:

shibd_1    | sp-shibd 2018-10-08 15:23:51 DEBUG XMLTooling.DataSealer : using key (2), data will expire on 2018-10-08T15:23:51Z

Expires immediately?

Specifically, our question is should we see the two INFO lines that we saw at start-up again whenever the file changes? Second question is when does the SP look for changes to that file? Will it only check when it's accessed and needs to use the data sealer key? Or is it always polling that file in the background and looking for changes?

Thanks,
Keith


