SSL Certificate update

Peter Schober peter.schober at
Thu Sep 13 13:56:43 EDT 2018

* Srinu Anumaneni <srinu.ydlp at> [2018-09-13 19:30]:
>'s ssl certification is expired, do we need to change
> metadata added in

If that's a question the answer is "no", at least as long as the
involved systems adhere to OASIS SAML MetaIOP[1], as the Shibboleth
IDP and SP do.

> If I change metadata file I am getting expections.

Signature validation should fail if on the SP side if the cert in
metadata at the SP (about the IDP) doesn't match the key the IDP signs
with. Is that what you're getting? Or other exceptions (be specific
and provide the literal error messages)?


[1] SAML V2.0 Metadata Interoperability Profile

More information about the users mailing list