md-distro - [md-distro] signing metadata with xmlsectool
Subject: Metadata Distribution Subcommittee of TAC
List archive
- From: Tom Scavo <>
- To:
- Subject: [md-distro] signing metadata with xmlsectool
- Date: Wed, 23 Oct 2013 13:55:21 -0400
As you know, a Phase 1 implementation plan has been drafted and shared with
TAC:
https://spaces.internet2.edu/x/5IOZAg
Related to this, we in Ops have a very specific question that weighs
heavily on this implementation plan.
Here is the command we use to sign InCommon metadata:
$ xmlsectool.sh --sign \
--inFile=InCommon-metadata_unsigned.xml \
--referenceIdAttributeName ID \
--keystore=$KS \
--keystorePassword="$key_passwd1" \
--keyPassword="$key_passwd1" \
--key=$ALIAS \
--keystoreType=jks \
--outFile=data/InCommon-metadata.xml
Will the above command continue to work after March 29, 2014 (which is
the day the legacy CA certificate expires)?
Will the above command continue to work after May 2, 2014 (which is
the day the current signing certificate expires)?
Thanks,
Tom
- [md-distro] signing metadata with xmlsectool, Tom Scavo, 10/23/2013
- Re: [md-distro] signing metadata with xmlsectool, Cantor, Scott, 10/23/2013
- Re: [md-distro] signing metadata with xmlsectool, Ian Young, 10/26/2013
- Re: [md-distro] signing metadata with xmlsectool, Cantor, Scott, 10/23/2013
Archive powered by MHonArc 2.6.16.