SP metadata re-generation after changing hostname
Peter Schober
peter.schober at univie.ac.at
Tue Oct 19 12:33:11 UTC 2021
* MA Lanxin <ma at ihep.ac.cn> [2021-10-19 09:28]:
> As some reason , I changed the SP hostname, and I changed
> ApplicationDefaults entityID to the new hostname.
Unless the old entityID was never used with anyone don't do that:
"The most important attribute an entityID needs to have is persistence."
https://shibboleth.atlassian.net/wiki/spaces/CONCEPT/pages/928645134/EntityNaming
> I re-generated the SP's metadata with the new hostname via the link
> https://doc.ihep.ac.cn/Shibboleth.sso/Metadata
That doesn't "regenerate" anything, it merely generates what is
currently configured on each request, based on the vhost accessed.
> I also re-gererated the sp-signing and sp-encrypt.
Don't do that, either.
> But, the new metadata still contains the old hostname. i.e.
Cf. ServerName in your web server (assuming Apache httpd).
-peter
More information about the users
mailing list