From 758f01f47c74c228254e335e2cdb6e34864d12c6 Mon Sep 17 00:00:00 2001
From: Leif Johansson <leifj@sunet.se>
Date: Thu, 20 Sep 2018 23:00:39 +0200
Subject: [PATCH] reset prod config

---
 .../eidas-proxy/se/cfg/application.properties | 20 ++++++++-----------
 .../se/cfg/general-metadata.properties        |  2 +-
 .../se/cfg/natsp-metadata.properties          |  4 ++--
 .../se/cfg/psidp-metadata.properties          |  2 ++
 .../se/cfg/psidp-metadata.properties          |  2 ++
 5 files changed, 15 insertions(+), 15 deletions(-)

diff --git a/eidas-proxy-common/overlay/etc/eidas-proxy/se/cfg/application.properties b/eidas-proxy-common/overlay/etc/eidas-proxy/se/cfg/application.properties
index 13fcf985..ae36c442 100644
--- a/eidas-proxy-common/overlay/etc/eidas-proxy/se/cfg/application.properties
+++ b/eidas-proxy-common/overlay/etc/eidas-proxy/se/cfg/application.properties
@@ -35,6 +35,7 @@ proxy-service.country=SE
 # Location can be specified as "classpath:" or as file path e.g "/opt/webapp/eidas-ps/keystore/keyStore.jks"
 
 proxy-service.pkcs11.external-config-locations=${spring.config.location}/pkcs11.cfg
+proxy-service.pkcs11.reloadable-keys=false
 
 proxy-service.keySourceType=PKCS11
 proxy-service.keySourcePass=${proxy-service.pkcs11.pin}
@@ -67,33 +68,28 @@ proxy-service.consent.valuetranslation=urn:oid:1.3.6.1.5.5.7.9.3
 proxy-service.welcomepage.markdown=${proxy-service.path.prefix}/cfg/infotext.md
 
 #Metadata Service List location specified as either URL (http or https), "file://" or "classpath:"
-proxy-service.eidasMdListLocation=https://qa.md.eidas.swedenconnect.se/mdservicelist-aggregate.xml
+proxy-service.eidasMdListLocation=https://md.eidas.swedenconnect.se/mdservicelist-aggregate.xml
 
 # Optional certificate file for validating metadata service list file signatures
 # If no certificate is specified then proxy-service.dev.ignoreMetadataSignCheck=true must be set
 proxy-service.eidasMdListCertFile=${proxy-service.path.prefix}/cfg/metadata.crt
 
 #Metadata location for aggregated metadata specified as either URL (http or https), "file://" or "classpath:"
-proxy-service.eidasMetadataLocation=https://qa.md.eidas.swedenconnect.se/role/sp.xml
+proxy-service.eidasMetadataLocation=https://md.eidas.swedenconnect.se/role/sp.xml
 
 # Optional certificate file for validating metadata signatures
 # If no certificate is specified then proxy-service.dev.ignoreMetadataSignCheck=true must be set
-proxy-service.eidasMetadataCertFile=${proxy-service.path.prefix}/cfg/metadata.crt
+proxy-service.eidasMetadataCertFile=${proxy-service.path.prefix}/cfg/swedenconnect-signer.crt
 
 # Optional cache dir for caching downloaded metadata. If not set, cache is stored in memory.
 proxy-service.eidasMetadataCacheDirName=${proxy-service.path.prefix}/ps-mdcache
 
 #Metadata location for national IdP metadata specified as either URL (http or https), "file://" or "classpath:"
 
-proxy-service.nationalMetadata.test.location=http://eid.svelegtest.se/metadata/mdx/role/idp.xml
-proxy-service.nationalMetadata.test.certFile=${proxy-service.path.prefix}/cfg/se-metadata-cert.crt
-proxy-service.nationalMetadata.test.cacheFile=${proxy-service.path.prefix}/cache/test-metadata.xml
-proxy-service.nationalMetadata.test.index=1
-
-proxy-service.nationalMetadata.qa.location=https://qa.md.swedenconnect.se/role/idp.xml
-proxy-service.nationalMetadata.qa.certFile=${proxy-service.path.prefix}/cfg/metadata.crt
-proxy-service.nationalMetadata.qa.cacheFile=${proxy-service.path.prefix}/cache/qa-metadata.xml
-proxy-service.nationalMetadata.qa.index=0
+proxy-service.nationalMetadata.prod.location=https://md.swedenconnect.se/role/idp.xml
+proxy-service.nationalMetadata.prod.certFile=${proxy-service.path.prefix}/cfg/swedenconnect-signer.crt
+proxy-service.nationalMetadata.prod.cacheFile=${proxy-service.path.prefix}/cache/prod-metadata.xml
+proxy-service.nationalMetadata.prod.index=0
 
 management.context-path=/manage
 management.security.enabled=false
diff --git a/eidas-proxy-common/overlay/etc/eidas-proxy/se/cfg/general-metadata.properties b/eidas-proxy-common/overlay/etc/eidas-proxy/se/cfg/general-metadata.properties
index 6c8f5590..dcfe3788 100644
--- a/eidas-proxy-common/overlay/etc/eidas-proxy/se/cfg/general-metadata.properties
+++ b/eidas-proxy-common/overlay/etc/eidas-proxy/se/cfg/general-metadata.properties
@@ -1,7 +1,7 @@
 psgen.country=${proxy-service.country}
 psgen.name=Sweden eIDAS ProxyService
 psgen.orgName=Sweden Connect
-psgen.dispName=Swedish eIDAS Proxy Service QA
+psgen.dispName=Swedish eIDAS Proxy Service
 psgen.orgUrl=https://swedenconnect.se
 psgen.supportGivenName=Customer support
 psgen.techGivenName=Technical support
diff --git a/eidas-proxy-common/overlay/etc/eidas-proxy/se/cfg/natsp-metadata.properties b/eidas-proxy-common/overlay/etc/eidas-proxy/se/cfg/natsp-metadata.properties
index 301fc7fc..6487baf6 100644
--- a/eidas-proxy-common/overlay/etc/eidas-proxy/se/cfg/natsp-metadata.properties
+++ b/eidas-proxy-common/overlay/etc/eidas-proxy/se/cfg/natsp-metadata.properties
@@ -5,8 +5,8 @@ natsp.displayNames={\
   sv:'Sveriges internationella legitimeringsnod'\
   }
 natsp.descriptions={\
-  en:'Test service for the Swedish eIDAS Pilot New Local',\
-  sv:'Testtjänst för Svenska eIDAS piloten'\
+  en:'Swedish eIDAS Service',\
+  sv:'Svenska eIDAS Tjänsten'\
   }
 # Logos are specified as a map with the url as key followed by  height,width[,lang] as comma separated parameters.
 natsp.logos={\
diff --git a/eidas-proxy-common/overlay/etc/eidas-proxy/se/cfg/psidp-metadata.properties b/eidas-proxy-common/overlay/etc/eidas-proxy/se/cfg/psidp-metadata.properties
index fd5edee5..f39dd32b 100644
--- a/eidas-proxy-common/overlay/etc/eidas-proxy/se/cfg/psidp-metadata.properties
+++ b/eidas-proxy-common/overlay/etc/eidas-proxy/se/cfg/psidp-metadata.properties
@@ -28,6 +28,8 @@ psmd.idp.supportedAttributes=\
   http://eidas.europa.eu/attributes/naturalperson/Gender
 psmd.idp.assuranceCertifications=\
   http://eidas.europa.eu/LoA/high,\
+  http://eidas.europa.eu/LoA/substantial,\
+  http://eidas.europa.eu/LoA/low,\
   http://eidas.europa.eu/LoA/NotNotified/low,\
   http://eidas.europa.eu/LoA/NotNotified/substantial,\
   http://eidas.europa.eu/LoA/NotNotified/high
diff --git a/eidas-qa-proxy/overlay/etc/eidas-proxy/se/cfg/psidp-metadata.properties b/eidas-qa-proxy/overlay/etc/eidas-proxy/se/cfg/psidp-metadata.properties
index fd5edee5..f39dd32b 100644
--- a/eidas-qa-proxy/overlay/etc/eidas-proxy/se/cfg/psidp-metadata.properties
+++ b/eidas-qa-proxy/overlay/etc/eidas-proxy/se/cfg/psidp-metadata.properties
@@ -28,6 +28,8 @@ psmd.idp.supportedAttributes=\
   http://eidas.europa.eu/attributes/naturalperson/Gender
 psmd.idp.assuranceCertifications=\
   http://eidas.europa.eu/LoA/high,\
+  http://eidas.europa.eu/LoA/substantial,\
+  http://eidas.europa.eu/LoA/low,\
   http://eidas.europa.eu/LoA/NotNotified/low,\
   http://eidas.europa.eu/LoA/NotNotified/substantial,\
   http://eidas.europa.eu/LoA/NotNotified/high