updating SP's cert in metadata
Cantor, Scott
cantor.2 at osu.edu
Fri Sep 28 12:47:24 EDT 2018
On 9/28/18, 12:37 PM, "users on behalf of IAM David Bantz" <users-bounces at shibboleth.net on behalf of dabantz at alaska.edu> wrote:
> I added the new cert to my copy of the SP metadata, anticipating a transition period where either cert could be used,
> but that triggers this error in processing an incoming request:
That isn't going to help with an encryption key change, that can't be done solely with a metadata tweak and can easily just break the SSO. That's not your problem here, I'm just pointing it out.
> Is the strategy flawed or did I do something else dumb?
Not dumb, but if that's an encryption key then you made a mistake *and* the strategy is flawed.
-- Scott
More information about the users
mailing list