...
Download a new signing certificate from the URL below and place it in: /etc/shibboleth/cert/gakunin-signer-2017.cer
https://metadata.gakunin.nii.ac.jp/gakunin-signer-2017.cer
| 注意 | ||
|---|---|---|
| ||
Please confirm that the fingerprint of the downloaded certificate matches the fingerprint presented by GakuNin. > openssl x509 -in gakunin-signer-2017.cer -fingerprint -noout |
Edit /etc/shibboleth/shibboleth2.xml as follows:
...
| コード ブロック |
|---|
(For CentOS 7) $ sudo systemctl restart shibd (For CentOS 6) $ sudo service shibd restart |
After a sufficient amount of time, please make sure that the signed metadata with the new signing key is downloaded.
It is success that just before the first match "</ds:X509Certificate>" of the GakuNin meta-data file is as follows:
| コード ブロック | ||
|---|---|---|
| ||
nwU/H9ROp1cl
</ds:X509Certificate> |