Signing certificate of Haka metadata has changed. Update your provider's configuration now. New certificate is here.
Metadata updates are announced to the Identity and Service Provider administrators. Metadata updates should be deployed within 24 hours of its release. Therefore it is recommended that metadata is updated automatically.
Haka-metadata
| Selitys | Osoite/Linkki |
|---|---|
| Haka Metadata | metadata.xml |
| Haka metadata signing certificate until 4.5.2015 | haka-sign-v2.pem |
| Haka metadata signing certificate starting from 4.5.2015 | haka-sign-v3.pem |
| Attribute filter for Shibboleth IdP | attribute-filter.xml |
| Attribute filter md5 hash | mdsum.afp |
Metadata verification
The metadata files have a XML signature to make it possible to verify that they are genuine. You can find the certificate (haka-sign.csc.fi.pem) from above. MD5-sums of the metadata files are also provided. You can check them e.g. by using md5sum tool.
For further information please contact Haka helpdesk.
Using HTTPS-URL is not sufficient way to ensure metadata authenticity. Authenticity can be assured by checking XML-signature of the metadata.