Skip to content

Commit

Permalink
Add our certificate as being elligible for encryption as well as sign…
Browse files Browse the repository at this point in the history
…ing (to make idPs that require encryption happy)
  • Loading branch information
zi0r authored and thijskh committed Dec 6, 2022
1 parent 47beddc commit 7919b25
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions mellon_create_metadata.sh
Original file line number Diff line number Diff line change
Expand Up @@ -77,6 +77,13 @@ CERT="$(grep -v '^-----' "$OUTFILE.cert")"
cat >"$OUTFILE.xml" <<EOF
<EntityDescriptor entityID="$ENTITYID" xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol" AuthnRequestsSigned="true">
<KeyDescriptor use="encryption">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509Certificate>$CERT</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<KeyDescriptor use="signing">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
Expand Down

0 comments on commit 7919b25

Please sign in to comment.