44 lines
6.5 KiB
Bash
44 lines
6.5 KiB
Bash
cat<<EOF
|
|
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
|
|
<CoreConfiguration xmlns="http:/www.bos_bremen.de/2009/06/eID-Server-CoreConfig">
|
|
<ServerUrl>https://${PUBLIC_HOSTNAME}/eidas-middleware</ServerUrl>
|
|
<sessionManagerUsesDatabase>true</sessionManagerUsesDatabase>
|
|
<sessionMaxPendingRequests>500</sessionMaxPendingRequests>
|
|
<certificateWarningMargin>200</certificateWarningMargin>
|
|
<TimerConfiguration>
|
|
<certRenewal length="2" unit="11"/>
|
|
<blacklistRenewal length="2" unit="11"/>
|
|
<masterAndDefectListRenewal length="2" unit="11"/>
|
|
</TimerConfiguration>
|
|
<ServiceProvider entityID="se-de-middleware" enabled="true">
|
|
<EPAConnectorConfiguration updateCVC="true">
|
|
<CVCRefID>se-de-middleware</CVCRefID>
|
|
<PkiConnectorConfiguration>
|
|
<blackListTrustAnchor>MIIEMTCCAxmgAwIBAgIDGMKjMA0GCSqGSIb3DQEBCwUAMF0xCzAJBgNVBAYTAkRFMRkwFwYDVQQKExBFQUMgQW53ZW5kZXIgUEtJMRQwEgYDVQQLEwtFQUMgU3lzdGVtZTEdMBsGA1UEAxMURUFDIFN5c3RlbSBDQSAxIDIwMTQwHhcNMTYxMDI2MDkzMDEzWhcNMTkwNjE4MDgyMTM3WjBvMQswCQYDVQQGEwJERTEUMBIGA1UEChMLRUFDIFN5c3RlbWUxEDAOBgNVBAsTB0Fwb2xsb24xIzAhBgNVBAMTGkJDQVAgRFZTRCBCbGFja2xpc3QgU2lnbmVyMRMwEQYDVQQFEwoyODAyNzkwNjkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuG9IgN0IGk8eyjDw8tBOkRQiuN6rK/GAh5uE5XD12Nw8QBzdOWaj7c6uzS36BTkb7WhsfQaBPO89Z9de4bBmk8U4j3nRK1stAIchKcfTLqPjVknisZhlNh/TBjDtZ8yxk/SeFmszALA2pNd14vMwuvXjvkLreP9nZmuc8v35JUBPE/YRJpM/py117t36Hy4z0e8uPBnexVp2pTS/lgJx5J79Cj/9BltA0u/WwsSH2BNaARqDY5++73M9+WX5+8pdmswYpCK3LiNVv1u7VlbVajByrMZvpDGPu2DF+IFmENHTlAVUyiWTjZtjq62xM5bxW/dgXg2cWxdhkMGsArB5QIDAQABo4HnMIHkMB8GA1UdIwQYMBaAFK6n9MJdvNI/yYVbvrmrzZnSWCFbMBYGA1UdIAQPMA0wCwYJKoIUAFAHg3QKMHoGA1UdHwRzMHEwb6BtoGuGM2h0dHA6Ly93d3cuZC10cnVzdC5uZXQvY3JsL2VhY19zeXN0ZW1fY2FfMV8yMDE0LmNybIY0aHR0cHM6Ly93d3cuZC10cnVzdC5uZXQvY3JsL2VhY19zeXN0ZW1fY2FfMV8yMDE0LmNybDAdBgNVHQ4EFgQU8csAobRtd+DNeQNuvCmF7PXeBjMwDgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQCgNtj2JidGISyuIdLCaL9xRZmBDGV6fT8Rqzl8DigKyO5fdkrKvfpeTOK983VkiX0v652hfYFl+7JwlgV5g9Daql9aAiw35Qti68Fpr3mIwkZAn/Ee2ZDFVUQBQi1Ka2NKpANniFtldwWnbRORH4OA/KKI0IDmRpe1bkkYvYyvmCwswu3Sb3++8x1c3HRJRdPrSYgTKz6Gi311YR03XI/YJy+4wIpbUY24g4J2ZwND0Q5axJ6qrXO/v3iA+6VMgF+JGlb/PLLy2+RsFQFL5hDIDi5ONcFB8jIc59onvDlLEv0TlvM19iGcL/mvJOlBHO756LNedjg6fHpOhRLR9IaZ</blackListTrustAnchor>
|
|
<masterListTrustAnchor>MIIEHjCCA6WgAwIBAgICAJkwCgYIKoZIzj0EAwMwTzELMAkGA1UEBhMCREUxDTALBgNVBAoMBGJ1bmQxDDAKBgNVBAsMA2JzaTEMMAoGA1UEBRMDMTAxMRUwEwYDVQQDDAxjc2NhLWdlcm1hbnkwHhcNMTYwNzA1MDg1NTAyWhcNMjcwMTA1MjM1OTU5WjBbMQswCQYDVQQGEwJERTENMAsGA1UECgwEYnVuZDEMMAoGA1UECwwDYnNpMQ0wCwYDVQQFEwQwMDI3MSAwHgYDVQQDDBdDU0NBIE1hc3RlciBMaXN0IFNpZ25lcjCCATMwgewGByqGSM49AgEwgeACAQEwLAYHKoZIzj0BAQIhAKn7V9uh7qm8PmYKkJ2DjXJuO/Yj1SYgKCATSB0fblN3MEQEIH1aCXX8LDBX7vZ1MEF6/+f7gFXBJtxcbOlKS0TzMLXZBCAm3Fxs6UpLRPMwtdm713y/lYQWKVz34c5rzNwY/4wHtgRBBIvSrrnLflfLLEtIL/yBt6+53ifh470jwjpEU72azjJiVH74NcPaxP2X+EYaFGEdycJ3RRMt7Y5UXB1Uxy8EaZcCIQCp+1fboe6pvD5mCpCdg41xjDl6o7VhpveQHg6Cl0hWpwIBAQNCAARWreEnBitecKA7VBgYXXS9Vij2ASnm9Fg/5aDMe7kIADBJp68bP4M4p/N1yu4Wbwstnt4eux+8fPRsa8rPDuIro4IBhzCCAYMwHwYDVR0jBBgwFoAUwXupFfdc3dJrPWCaI1TeEu4/DsYwHQYDVR0OBBYEFJZYZYol4GeYB9BcN/HSOWZFtJx3MA4GA1UdDwEB/wQEAwIHgDArBgNVHRAEJDAigA8yMDE2MDcwNTA4NTUwMlqBDzIwMTYxMTA1MjM1OTU5WjAWBgNVHSAEDzANMAsGCQQAfwAHAwEBATBRBgNVHREESjBIgRhjc2NhLWdlcm1hbnlAYnNpLmJ1bmQuZGWGHGh0dHBzOi8vd3d3LmJzaS5idW5kLmRlL2NzY2GkDjAMMQowCAYDVQQHDAFEMFEGA1UdEgRKMEiBGGNzY2EtZ2VybWFueUBic2kuYnVuZC5kZYYcaHR0cHM6Ly93d3cuYnNpLmJ1bmQuZGUvY3NjYaQOMAwxCjAIBgNVBAcMAUQwFAYDVR0lAQH/BAowCAYGZ4EIAQEDMDAGA1UdHwQpMCcwJaAjoCGGH2h0dHA6Ly93d3cuYnNpLmJ1bmQuZGUvY3NjYV9jcmwwCgYIKoZIzj0EAwMDZwAwZAIwSzwRiGekt9rljYvU2gaXdYx5GhZiTNpC6PpZJGWWrhsKN+e7n1Ey6ww63slw9AZKAjBFFEdWWSjQ29cMPxRfG8g2xr9coom4eJ1YbjVPqiFQnBewmKpObWQ6ap9RkusO1Gc=</masterListTrustAnchor>
|
|
<defectListTrustAnchor>MIIEHTCCA6SgAwIBAgIBWDAKBggqhkjOPQQDAzBPMQswCQYDVQQGEwJERTENMAsGA1UECgwEYnVuZDEMMAoGA1UECwwDYnNpMQwwCgYDVQQFEwMxMDExFTATBgNVBAMMDGNzY2EtZ2VybWFueTAeFw0xNDAxMTQwOTM4MDlaFw0yNDA3MTQyMzU5NTlaMFsxCzAJBgNVBAYTAkRFMQ0wCwYDVQQKDARidW5kMQwwCgYDVQQLDANic2kxDTALBgNVBAUTBDAwMTUxIDAeBgNVBAMMF0NTQ0EgRGVmZWN0IExpc3QgU2lnbmVyMIIBMzCB7AYHKoZIzj0CATCB4AIBATAsBgcqhkjOPQEBAiEAqftX26Huqbw+ZgqQnYONcm479iPVJiAoIBNIHR9uU3cwRAQgfVoJdfwsMFfu9nUwQXr/5/uAVcEm3Fxs6UpLRPMwtdkEICbcXGzpSktE8zC12bvXfL+VhBYpXPfhzmvM3Bj/jAe2BEEEi9Kuuct+V8ssS0gv/IG3r7neJ+HjvSPCOkRTvZrOMmJUfvg1w9rE/Zf4RhoUYR3JwndFEy3tjlRcHVTHLwRplwIhAKn7V9uh7qm8PmYKkJ2DjXGMOXqjtWGm95AeDoKXSFanAgEBA0IABDxxoiI6RiEjxED83XfpG5/vrX5QE20ytOcTQFXtpEaCmOQrxCEhWQRbnQkY30FMT2DkrFg4N2MgARQ/ic7rvRKjggGHMIIBgzAfBgNVHSMEGDAWgBTBe6kV91zd0ms9YJojVN4S7j8OxjAdBgNVHQ4EFgQUvLpFCKT7YNs79ffzmzMSYjLRKOowDgYDVR0PAQH/BAQDAgeAMCsGA1UdEAQkMCKADzIwMTQwMTE0MDkzODA5WoEPMjAxNDA1MTQyMzU5NTlaMBYGA1UdIAQPMA0wCwYJBAB/AAcDAQEBMFEGA1UdEQRKMEiBGGNzY2EtZ2VybWFueUBic2kuYnVuZC5kZYYcaHR0cHM6Ly93d3cuYnNpLmJ1bmQuZGUvY3NjYaQOMAwxCjAIBgNVBAcMAUQwUQYDVR0SBEowSIEYY3NjYS1nZXJtYW55QGJzaS5idW5kLmRlhhxodHRwczovL3d3dy5ic2kuYnVuZC5kZS9jc2NhpA4wDDEKMAgGA1UEBwwBRDAUBgNVHSUBAf8ECjAIBgZngQgBAQMwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3d3dy5ic2kuYnVuZC5kZS9jc2NhX2NybDAKBggqhkjOPQQDAwNnADBkAjAx3r+Kcp3MwzbPvtxee3BWvLOia/A6cONUZm4dP1HQlrVWhnaXOXGhNeulPkhbXecCMHNSJuIW42v0Ag/anK1V0YTOtmqTm9pEI9IYJsocNCMAKDeCzoPfJ2Qqs0RGh+Lx6Q==</defectListTrustAnchor>
|
|
<policyImplementationId>budru</policyImplementationId>
|
|
<sslKeys id="default">
|
|
<serverCertificate>${DEMW_TLS_SERVER_CERT}</serverCertificate>
|
|
<clientCertificate>${DEMW_TLS_CLIENT_CERT}<</clientCertificate>
|
|
<clientKey>${DEMW_TLS_CLIENT_CERT}</clientKey>
|
|
</sslKeys>
|
|
<terminalAuthService sslKeysId="default">
|
|
<url>https://berca-ps.d-trust.net/ps/dvca-at</url>
|
|
</terminalAuthService>
|
|
<restrictedIdService sslKeysId="default">
|
|
<url>https://berca-ps.d-trust.net/ps/dvsd_v2</url>
|
|
</restrictedIdService>
|
|
<passiveAuthService sslKeysId="default">
|
|
<url>https://berca-ps.d-trust.net/ps/scs</url>
|
|
</passiveAuthService>
|
|
<dvcaCertDescriptionService sslKeysId="default">
|
|
<url>https://berca-ps.d-trust.net/ps/dvca-at-cert-desc</url>
|
|
</dvcaCertDescriptionService>
|
|
</PkiConnectorConfiguration>
|
|
<PaosReceiverURL>https://${PUBLIC_HOSTNAME}/eidas-middleware/paosreceiver</PaosReceiverURL>
|
|
<hoursRefreshCVCBeforeExpires>48</hoursRefreshCVCBeforeExpires>
|
|
</EPAConnectorConfiguration>
|
|
</ServiceProvider>
|
|
</CoreConfiguration>
|
|
EOF
|