metadata-support - Re: [Metadata-Support] Support for multiple certificates in Federation Manager?
Subject: InCommon metadata support
- From: Nick Roy <>
- To: metadata-suppo. <>
- Subject: Re: [Metadata-Support] Support for multiple certificates in Federation Manager?
- Date: Fri, 6 Sep 2019 17:49:28 +0000
Hi Jeffrey,
If you’re talking about IdP metadata, you are only allowed to add one or two dual-use (signing and encryption) keys to IdP metadata today. See my thread on this on , just started, to express your desires/use cases.
Best,
Nick
On 21 Aug 2019, at 11:46, Jeffrey J Ramsay wrote:
I am interested in this as well. We are unable to add our encryption certificate to our published metadata.
-Jeff
On Wed, Aug 21, 2019 at 12:17 PM Jesse Banning <> wrote:
Hello,
I'm unable to find where to add a second certificate to an SP in FM. I also don't see a process for adding certs in the documentation. When I attempted to add a new cert by updating the SP, I was warned that the new cert would replace the existing one despite leaving the "delete" checkbox unchecked.
I'm sure FM must support multiple certificates in metadata since that's necessary for certificate roll-over as well as for using different certs for signing and encryption.
Can anyone point me in the right direction (or to specific documentation) for configuring an SP with more than one certificate using Federation Manager?
Thanks,
-jesse