SAML Keys Format

MIKE LLOYD - QQ1 mike.lloyd at
Wed Feb 5 18:58:21 EST 2020


My team has a Shibboleth v3.2.1 instance deployed which we inherited not
too long ago. I am still trying to ramp up on Shibboleth's configuration
and I noticed the metadata/idp-metadata.xml configuration file references
our x509 certificates without the "BEGIN/END CERTIFICATE" headers and
footers. I've seen ADFS SAML 2.0 references contain the certificate headers
and footers and I didn't see the OASIS SAML 2.0 specify whether the headers
and footers were needed. Does Shibboleth require the headers and footers of
the x509 certificates to be stripped for the metadata XML files? Ideally
I'd like to leave the certificate headers and footers with the certificate


Mike Lloyd
Innovation Specialist, 18F,
g: mxplusb
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list