Menu
▾
▴
[Unity-idm-discuss] New certificates from IdP are not taken in place by regular metadata update
|
From: Sander A. <sa....@fz...> - 2020-09-14 05:35:44
|
Hello Krzysztof, I encountered an old problem, which is still present in unity. If an IdP updated its certificate and provides it within the federation metadata, like eduGAIN, unity does not update the used certificate by the regular metadata update (once per hour). After the IdP changes its certificate unity just give the attached error. Last metadata update before the error: 2020-09-11T09:40:46,282 [pool-2-thread-2] DEBUG unity.server.saml.MetaToSPConfigConverter: Added a trusted IdP loaded from SAML metadata: https://idp.scc.kit.edu/idp/shibboleth with urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect binding 2020-09-11T09:40:46,282 [pool-2-thread-2] DEBUG unity.server.saml.MetaToSPConfigConverter: Added a trusted IdP loaded from SAML metadata: https://idp.scc.kit.edu/idp/shibboleth with urn:oasis:names:tc:SAML:2.0:bindings:SOAP binding 2020-09-11T09:41:37,769 [pool-2-thread-2] DEBUG unity.server.saml.MetaToSPConfigConverter: Added a trusted IdP loaded from SAML metadata: https://idp.scc.kit.edu/idp/shibboleth with urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect binding 2020-09-11T09:41:37,769 [pool-2-thread-2] DEBUG unity.server.saml.MetaToSPConfigConverter: Added a trusted IdP loaded from SAML metadata: https://idp.scc.kit.edu/idp/shibboleth with urn:oasis:names:tc:SAML:2.0:bindings:SOAP binding Using federations like DFN or eduGAIN makes it impossible to know when a certificate is updated. Cheers, Sander -- Federated Systems and Data Juelich Supercomputing Centre phone: +49 2461 61 8847 fax: +49 2461 61 6656 email: sa....@fz... ---------------------------------------------------------------------- ----------------------------------------------------------------------- Forschungszentrum Juelich GmbH 52425 Juelich Sitz der Gesellschaft: Juelich Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 Vorsitzender des Aufsichtsrats: MinDir Volker Rieke Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender), Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt ----------------------------------------------------------------------- ----------------------------------------------------------------------- |
