Expiring IDP signing certificate

Ullfig, Roberto Alfredo rullfig at uic.edu
Fri Jun 3 16:16:05 UTC 2022

If you google for "replacing IDP cert incommon" you will get some hits to useful documentation but those sites are currently unavailable. As I understand it though, that certificate expiration date is entirely advisory, nothing should break or change when that self-signed certificate expires. The expiration date is merely advising that you should periodically replace the certificate.

Roberto Ullfig - rullfig at uic.edu
Systems Administrator
Enterprise Applications & Services | Technology Solutions
University of Illinois - Chicago
From: users <users-bounces at shibboleth.net> on behalf of Ho, PeiQuan via users <users at shibboleth.net>
Sent: Friday, June 3, 2022 10:51 AM
To: users at shibboleth.net <users at shibboleth.net>
Cc: Ho, PeiQuan <PeiQuan.Ho at tufts.edu>
Subject: Expiring IDP signing certificate


  Our IDP signing certificate as used in shibboleth.DefaultSigningCredential is expiring.  It is the 10-year self-signed certificate as recommended during installation.  What is the process to update/rollover this cert with minimal impact to SPs?



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20220603/4aea42f7/attachment.htm>

More information about the users mailing list