比較バージョン

キー

  • この行は追加されました。
  • この行は削除されました。
  • 書式設定が変更されました。

...

アンカー
EnglishVersion
EnglishVersion

Procedure for Changing the Shibboleth SP

...

Configuration to use new GakuNin signing certificate

警告

This manual is a work-in-progress. Please note that it may be changed in the final version. The URL mentioned in here is not prepared yet.

...

注意

This manual is for the standard Shibboleth SP configuration set according to version 2.6.0. If you are using a different version or configuration, please replace and read it accordingly.

Download a the new signing certificate from the URL below and place it in: /etc/shibboleth/cert/gakunin-signer-2017.cer
https://metadata.gakunin.nii.ac.jp/gakunin-signer-2017.cer

注意
titleConfirmation of certificate fingerprint

Please confirm that the fingerprint of the downloaded certificate matches the following:

SHA256 Fingerprint=5E:D6:A8:C5:E9:30:49:3F:B4:BA:77:54:6A:FB:66:BA:14:7D:CB:50:5B:EF:0F:D9:7C:26:04:C2:D9:36:FD:81

OpenSSL command is as follows:

> openssl x509 -in gakunin-signer-2017.cer -fingerprint -sha256 -noout

 


Official disclosure location of signature verification certificate and Fingerprint : https://meatwiki.nii.ac.jp/confluence/x/F4W5

 

The federation metadata URL for publishing is stipulated in "System Administration Standards for the GakuNin".

Metadata Publishing URL : https://metadata.gakunin.nii.ac.jp/gakunin-metadata.xml

System Administration Standards for the GakuNin : http://id.nii.ac.jp/1149/00000219/



notice:The following description is diff format.


Edit /etc/shibboleth/shibboleth2.xml as follows:

...