[prev in list] [next in list] [prev in thread] [next in thread] 

List:       shibboleth-users
Subject:    Re: updating SP's cert in metadata
From:       "Cantor, Scott" <cantor.2 () osu ! edu>
Date:       2018-09-28 16:47:24
Message-ID: 0CD04E91-035C-4F98-A991-2DECA3056674 () osu ! edu
[Download RAW message or body]

On 9/28/18, 12:37 PM, "users on behalf of IAM David Bantz" \
<users-bounces@shibboleth.net on behalf of dabantz@alaska.edu> wrote:

> I added the new cert to my copy of the SP metadata, anticipating a transition \
> period where either cert could be used,  but that triggers this error in processing \
> an incoming request: 

That isn't going to help with an encryption key change, that can't be done solely \
with a metadata tweak and can easily just break the SSO. That's not your problem \
here, I'm just pointing it out.

> Is the strategy flawed or did I do something else dumb?

Not dumb, but if that's an encryption key then you made a mistake *and* the strategy \
is flawed.

-- Scott



-- 
For Consortium Member technical support, see \
https://wiki.shibboleth.net/confluence/x/coFAAg To unsubscribe from this list send an \
email to users-unsubscribe@shibboleth.net


[prev in list] [next in list] [prev in thread] [next in thread]