Skip to Content.
Sympa Menu

metadata-support - [Metadata-Support] RE: Manually signing XML metadata

Subject: InCommon metadata support

List archive

[Metadata-Support] RE: Manually signing XML metadata

Chronological Thread 
  • From: "Cantor, Scott" <>
  • To: "" <>
  • Subject: [Metadata-Support] RE: Manually signing XML metadata
  • Date: Tue, 19 Jul 2016 14:25:21 +0000
  • Accept-language: en-US
  • Authentication-results: spf=pass (sender IP is;; dkim=none (message not signed) header.d=none;; dmarc=bestguesspass action=none;
  • Spamdiagnosticmetadata: NSPM
  • Spamdiagnosticoutput: 1:99

> How do I create signed XML metadata by hand? I ask because I have
> edited the metadata for several AD FS IdPs to include Scope and UIInfo
> elements, and while I serve them over HTTPS, I would like to use digital
> signatures as an added integrity check.

There are various utilities that can do it attached to most XML signing
libraries, usually requiring a little bit of understanding of the options to
use or avoid. The Shibboleth Project also has a Java tool available,
XmlSecTool, and I'm sure there are others around I don't know about.

-- Scott

Archive powered by MHonArc 2.6.19.

Top of Page