SSO Certificate Rollover
Hello, our administrators have provided me with the following information concerning the SSO Certificate Rollover, and before I complete the verification, I want to ensure that we have completed all the correct steps:
On the IdP side, I have it configured to pull the SP metadata (for entityID="https://www.teamdynamix.com/shibboleth") from the InCommon repository. We reload what is published to InCommon daily.
The administrators want to confirm that the new certificate is already updated and in use, and by pulling the metadata daily, the UO SP instance is using the new instance of the certificate.
Finally, to confirm, with the steps we have taken, we do not need to make any additional changes on the UO side?
Thanks, Tevis
Answer (1)
Hello Tevis,
Yes if you arleady consume our certificate from InCommon then you should have the new one already. Also, it is only needed if you perform assertion encryption on your SSO sessions with TDX.