SSL Certificate update

Srinu Anumaneni srinu.ydlp at
Fri Sep 14 11:02:09 EDT 2018


      we have .metadata file which contains signature and certs. We got new
federationmetadata.xml file from provider, we are consumers. How can I
create or update .metadata file which plain text file. I knew to this
entire concept, this one is already implemented by others. Now I have
update signature and cert I am getting below exception with old metadata

Caused by: org.opensaml.xml.validation.ValidationException: Signature did
not validate against the credential's key

Please help me on this.
Thank you very much.

On Fri, Sep 14, 2018 at 1:26 PM Peter Schober <peter.schober at>

> * Srinu Anumaneni <srinu.ydlp at> [2018-09-14 03:59]:
> > No need to update provider ssl information at cosumer.
> Is that a question? I have no idea what ou want to say here.
> > If we need to update ssl certificate where we have to change
> > it.
> This is not about SSL (as far as I can glean from the messages so
> far), it's about the keys in metadata to be used for securing SAML
> protocol messages.
> (Even if you re-used the same key for SSL and SAML you can leave the
> keys in metadata unchanged when renewing the SSL/TLS keys, if you
> want.)
> > Code developed already by others we are unable to find where to
> > update provider ssl certificate on consumer application.
> I have no idea what this means. If you're asking where to update the
> IDP metadata at the SP then the answer is "in the same place you put
> the IDP metadata", likely a local file on the SP.
> Are you even running the Shibboleth SP software?
> -peter
> --
> For Consortium Member technical support, see
> To unsubscribe from this list send an email to
> users-unsubscribe at
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list