InCommon metadata support

[<>]

Hello, ListServ.

I am new to this group, having just inherited responsibility for a Shibboleth
IdP installation from a former coworker at the University of South Carolina.

I am currently looking into a problem regarding an expired certificate in our
metadata. Per our previous administrator, its presence is necessary due to
multiple SPs referencing it, and removing it will be a concerted effort. He
stated that the fact that it is expired shouldn't matter, unless an SP is
explicitly configured not to accept it, and that is the situation in which we
now find ourselves with Educause.

We have a non-expired certificate in our metadata, but Educause is referencing
the expired one and not accepting it. Is there a way that we can make our
non-expired one the preferred or default one, so that unless an SP explicitly
requests to use a different one, we use that one?

I appreciate any guidance or words of wisdom.

Sincerely,
Payne Seal