metadata-support - Re: [Metadata-Support] Question on updating metadata with new certificates
Subject: InCommon metadata support
List archive
- From: Tom Scavo <>
- To: "" <>
- Subject: Re: [Metadata-Support] Question on updating metadata with new certificates
- Date: Thu, 26 May 2016 11:27:21 -0400
Hi Brad,
On Thu, May 26, 2016 at 10:31 AM, Brad MacDonald
<>
wrote:
>
> I’ve been reading the documentation on the site for a few days now but I’m
> still not sure how we can update our certificates successfully without
> potentially causing a service interruption to our clients. We currently
> have one certificate that used for both signing and encryption. We would
> like to replace this with two new certificates, one for signing and another
> for encryption. It seems as though all the documentation around this points
> to replacing one cert for another, not how to replace one certificate with
> two. Can anyone provide any guidance on how to achieve this with causing
> the least amount of disruption? I’ve been reading this article in particular
>
> https://spaces.internet2.edu/display/InCFederation/SP+Cert+Migration
Well, if you follow the procedure documented on that page, there will
be no service disruption. However, that assumes that your SAML
software can be configured with two decryption keys. Can it?
Tom
- [Metadata-Support] Question on updating metadata with new certificates, Brad MacDonald, 05/26/2016
- [Metadata-Support] RE: Question on updating metadata with new certificates, Cantor, Scott, 05/26/2016
- Re: [Metadata-Support] Question on updating metadata with new certificates, Tom Scavo, 05/26/2016
- RE: [Metadata-Support] Question on updating metadata with new certificates, Brad MacDonald, 05/26/2016
- Re: [Metadata-Support] Question on updating metadata with new certificates, Tom Scavo, 05/26/2016
- RE: [Metadata-Support] Question on updating metadata with new certificates, Cantor, Scott, 05/26/2016
- RE: [Metadata-Support] Question on updating metadata with new certificates, Brad MacDonald, 05/26/2016
- RE: [Metadata-Support] Question on updating metadata with new certificates, Cantor, Scott, 05/26/2016
- RE: [Metadata-Support] Question on updating metadata with new certificates, Brad MacDonald, 05/26/2016
- RE: [Metadata-Support] Question on updating metadata with new certificates, Cantor, Scott, 05/26/2016
- Re: [Metadata-Support] Question on updating metadata with new certificates, Tom Scavo, 05/26/2016
- RE: [Metadata-Support] Question on updating metadata with new certificates, Brad MacDonald, 05/26/2016
Archive powered by MHonArc 2.6.16.