...
Code Block |
---|
<!-- Central CCC distribution of metadata --> <MetadataProvider id="CCC_Central_Metadata" xsi:type="FileBackedHTTPMetadataProvider" backingFile="%{idp.home}/metadata/ccc-central-metadata.xml" metadataURL=" http://saml.ccctcportalcccmypath.org/metadata/ccc-metadata.xml"> <MetadataFilter xsi:type="RequiredValidUntil" maxValidityInterval="PT0S"/> <MetadataFilter xsi:type="SignatureValidation" requireSignedRoot="true" certificateFile="${idp.home}/credentials/ccctc-md-cert.pem"/> <MetadataFilter xsi:type="EntityRoleWhiteList"> <RetainedRole>md:SPSSODescriptor</RetainedRole> </MetadataFilter> </MetadataProvider> |
...
As you can tell from the above, the CCC Central Metadata feed is available at: http://saml.ccctcportalcccmypath.org/metadata/ccc-metadata.xml. Note that part of the above configuration is verifying the "signature" on that metadata file and to do that you must create a new file in your IdP's credentials/ directory named 'credentials/ccctc-md-cert.pem' with the following content:
...