Metadata updates are announced to the Identity and Service Provider administrators. Metadata updates should be deployed within 24 hours of its release. Therefore it is recommended that metadata is updated automatically.
|Haka metadata signing certificate starting from 20.12.2017||haka-sign-v4.pem|
Authenticity of the metadata MUST be verified before using. The certificate to check the authenticity can be found on this page. Also the validity of the metadata MUST be verified. Expired metadata MUST NOT be used.
Using HTTPS-URL is not sufficient way to ensure metadata authenticity. Authenticity can be verified only by checking XML-signature of the metadata.