Multiple certificates doing both signing+encryption

Jay Athalye jay.athalye at
Tue Nov 2 20:22:53 UTC 2021

I have an SP credentials setup similar to what is shown in the cert rollover
I have ended up in a situation where I have two certs that do not specify
the "use" attribute.
I assume this is not best practice - and I am working towards marking one
of them as "use=encryption".

But I am curious about which cert is used for signing in this case? Is it
the first cert in the config without the "use" attribute?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list