signing / encryption keys (certs) for IdP metadata

Donald Lohr lohrda at
Thu Apr 28 20:19:27 UTC 2022

We've seen examples when making the self-signed public key/cert to set 
it to 3650 days (10 years).

Is it a good practice to go more that 10 years?


D o n a l d   L o h r
I n f o r m a t i o n   S y s t e m s
J a m e s   M a d i s o n   U n i v e r s i t y
5 4 0 . 5 6 8 . 3 7 3 0
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list