InCommon metadata support

[Brad MacDonald <>]

Thanks Tom.  Unfortunately it can not.

Brad MacDonald
Skillsoft | phone: 613.963.0332 | mobile: 613.858.7414
Senior Platform Engineer, Hosting

 | www.skillsoft.com

      

-----Original Message-----
From: 

 
[mailto:]
 On Behalf Of Tom Scavo
Sent: Thursday, May 26, 2016 11:27 AM
To: 

Subject: Re: [Metadata-Support] Question on updating metadata with new 
certificates

Hi Brad,

On Thu, May 26, 2016 at 10:31 AM, Brad MacDonald 
<>
 wrote:
>
> I’ve been reading the documentation on the site for a few days now but 
> I’m still not sure how we can update our certificates successfully 
> without potentially causing a service interruption to our clients.  We 
> currently have one certificate that used for both signing and 
> encryption.  We would like to replace this with two new certificates, 
> one for signing and another for encryption.  It seems as though all 
> the documentation around this points to replacing one cert for 
> another, not how to replace one certificate with two.  Can anyone 
> provide any guidance on how to achieve this with causing the least 
> amount of disruption? I’ve been reading this article in particular
>
> https://spaces.internet2.edu/display/InCFederation/SP+Cert+Migration

Well, if you follow the procedure documented on that page, there will be no 
service disruption. However, that assumes that your SAML software can be 
configured with two decryption keys. Can it?

Tom