idp-metadata.xml not generated during fresh install of 4.1.4
t.s.jordaan at qmul.ac.uk
Thu Sep 30 12:08:41 UTC 2021
I understand that the idp-metadata.xml file is a hold-over, and isn't fondly looked upon. Nonetheless, it's caused me some annoyance not to have it, and I discovered I didn't have it in my fresh v4 install when trying to obtain metadata with new trust fabric certs just now, to upload to samltest.id for early testing of the service upgrade I'm belatedly working on.
I see there were both problems of simple omission of its generation, fixed in February last year, and more recently, an outright crash of the Java component responsible during the installation. I've not located a Jira ticket for that one, so if it was reported I'm assuming it got fixed before this version that I'm running. I didn't notice a crash during the installation of this IDP instance, but it's been a little while, so it might have happened and I missed it, particularly if the installer carries on with its tasks regardless of that particular task's failure.
A related question for me is whether there is any other route to programmatically obtaining the metadata that the IDP holds for itself, for the purpose of federation. Or is it expected that operators will maintain a metadata file for the IDP by hand, updating it with the certificates as they change? I noticed comments on IDP-1681 that would seem to confirm this.
As an immediate workaround I can copy the v3/v2 metadata file, replace the certificates as needed, and try to bodge it that way - but I'm wondering if that's the recommended course, here?
Grateful for any input,
Tom Jordaan, Infrastructure Systems Engineer
Infrastructure Software, QMUL IT Services
Mile End Road, London E1 4NS 020 7882 6940