For now add dashboard to test satosa proxy.

test-sso-proxy1.cert.sunet.se/overlay/etc/hiera/data/local.yaml

@@ -108,6 +108,7 @@ saml2_frontend:
           - metadata/rt-test.xml
           - metadata/zammad-test.xml
           - metadata/zammad-app.xml
+          - metadata/dashboard.xml
       entityid: https://test-sso-proxy.cert.sunet.se/idp
       service:
         idp:

test-sso-proxy1.cert.sunet.se/overlay/etc/satosa/metadata/dashboard.xml

@@ -0,0 +1,83 @@
+<!--
+This is example metadata only. Do *NOT* supply it as is without review,
+and do *NOT* provide it in real time to your partners.
+ -->
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" ID="_b1d4aca6d44cf7cc87cf2163d536eb1b07e8209b" entityID="https://dashboard.cert.sunet.se">
+
+  <md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
+    <alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+    <alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
+  </md:Extensions>
+
+  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+    <md:Extensions>
+      <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://dashboard.cert.sunet.se/Shibboleth.sso/satosa"/>
+    </md:Extensions>
+    <md:KeyDescriptor>
+      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+        <ds:KeyName>shib_cert</ds:KeyName>
+        <ds:X509Data>
+          <ds:X509SubjectName>CN=shib_cert</ds:X509SubjectName>
+          <ds:X509Certificate>MIIFCTCCAvGgAwIBAgIUUMMsoV5NcnbEsVzeo7jmA0OISz0wDQYJKoZIhvcNAQEL
+BQAwFDESMBAGA1UEAwwJc2hpYl9jZXJ0MB4XDTI1MDEzMTExMDU1NVoXDTM1MDEy
+OTExMDU1NVowFDESMBAGA1UEAwwJc2hpYl9jZXJ0MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAlh9MgZj49ZwMJCMRbRsq5xXxm5QckxdVOCtohfEnmq0u
+zrMXX4HavcCE5yJFVPtU8LNQpK/MvNyvPB9pLj5XgnrPho3j9hfaROPRtFPNMl8W
+UGdup1x4dqUMB5vQ7dTD8CaePhMxVre1blxfzhWFryP3bD0Qw8HCTQvnxtLPvlhq
+JB0VsIe/4cBCKpVbcHhkv8+LvYTJ0RwpQJWg/hLbyrROXNBf73VOVFCh9NepPPAg
+RZOphf3OipGKHHUHkcNFxX8SUoBLqTuPn+JZVlUqpXoEhx/vcxAvN0g6XIpGmkvb
+cDeeDVdaRSFwTCcny3cEukIZhrPaB4O+WzsEEQNU59aTabI5oyIlaBf0UB92JSsd
+Qz/HCS7GV5FEbJlTQcACrm5UAmoVbni9cNumuiR6m7VOO+lnleB2ziuhJYyo13bC
+O7ZMX5gEDO5LGdfPyuOwxDvTAqCwiLxjoEtd8Z5KMuy/hqO0gDsgPrW6vSXELRqx
+E6BxxKGIJ7I8hVS++RysXUWKGSDzNqODeh8SiiNWQR8h5501Rm8aSiPydpoxolD3
+iNOvnUNVhHSZq/Kfby9gbJHnyOnML4CCYHsewb+M/tBvfa1XcOeQ6bBUJM+BJU14
+jNrWjcbMUxD8hikSWGQo3J52IVgIihn8zdXKuUJO1hXZCVBaQ6VUEEU3CvOhiW8C
+AwEAAaNTMFEwHQYDVR0OBBYEFEQ/A83oecJiFrW+2Oz1/AngDxUtMB8GA1UdIwQY
+MBaAFEQ/A83oecJiFrW+2Oz1/AngDxUtMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZI
+hvcNAQELBQADggIBAIdjCMYomsRnGsWIJir71yh866ZGpXwPDmCSIpa0TCjFGqr+
+jwb5p7dCb+ivRAqc4NQt1x5Ga/LazcGpxkSn/+Zyn1NfUWBIprrS1lD3kmtY8p/E
+DBV95Uv5SgSmFCj/TmrjFzBTdCcDwtmXyZC09TJ1Yj/YjT8GSUdVdlbfTkCWAzqy
+EHWOc0tc5EVI5Ndvom/YU47UXq/d9ENONuQn979zQHWolqw898fgv3wrBzSOF9ja
+WV2k5J6PX6OUwFl2H/e1PkLsTDkZiFMWgSdCgxvGp6db6J+CK5VeKPgFdLPC8f08
+yt+q2Znj9LMczA+N4Y1HoNsTydO8HABK7NsZGQ3XvJVt7BYxb2es1OpeHX9LypYZ
+ibUJUUre5iwEA3sqiMkr+wcBlQisnZEzuxTGaxZInjOJ5lQ2aXcPDllBbPVA7t7B
+3oQXLRxhBTaIVzZXdDztKnZQjbY3x5kfRmWcmwErOhIoAloaM1FcKPhdrgibYqk/
+jHW9qzs4QoJ1nGeHkzECUi8uFrHRrdSOUdVRRVhgRLFZao4R0BMrli6diFgaXS1d
+TGQpBGM4ObM7WJNuN6cRfqnFP7g+CZcevzPXsFZCsUzbJNVnSgqiSpWL7sBpp9Zg
+QcON1Y9nB7xgzIKLJGEDizjPAL2Uy1Ho5S+NOTw1sgAih2D33goJootQObYh
+</ds:X509Certificate>
+        </ds:X509Data>
+      </ds:KeyInfo>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
+      <md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
+    </md:KeyDescriptor>
+    <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://dashboard.cert.sunet.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://dashboard.cert.sunet.se/Shibboleth.sso/SLO/SOAP"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://dashboard.cert.sunet.se/Shibboleth.sso/SLO/Redirect"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://dashboard.cert.sunet.se/Shibboleth.sso/SLO/POST"/>
+    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://dashboard.cert.sunet.se/Shibboleth.sso/SLO/Artifact"/>
+    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://dashboard.cert.sunet.se/Shibboleth.sso/SAML2/POST" index="1"/>
+  </md:SPSSODescriptor>
+
+</md:EntityDescriptor>