Menu
▾
▴
Re: [Unity-idm-discuss] Certificate rollover for SAML
|
From: Krzysztof B. <kb...@un...> - 2018-07-23 18:02:27
|
Hi Sander, W dniu 20.07.2018 o 07:54, Sander Apweiler pisze: > Hi Krzysztof, > > Ok, got it. Just one question in addition. If I configure both in > pki.properties and add both manually in the metadata, can unity use the > second cert, not configured in requesterCredential, to decrypt messages > from IdPs, if they use for some reason the second one. E.g. they did > not fetch federation metadata. Unfortunately no, it is not supported. This would require an additional option to enumerate those other credentials and bit of development to find a proper key per message. Best, Krzysztof |
