forked from SUNET/soc-ops
Add keyserver metadata to satosa
This commit is contained in:
parent
eed9ce42f9
commit
61d885151e
GPG key ID:
5E8401339C7F5037
2 changed files with 83 additions and 0 deletions
|
|
@ -108,6 +108,7 @@ saml2_frontend:
|
|||
- metadata/zammad-test.xml
|
||||
- metadata/zammad-app.xml
|
||||
- metadata/dashboard.xml
|
||||
- metadata/keyserver.xml
|
||||
entityid: https://test-sso-proxy.cert.sunet.se/idp
|
||||
service:
|
||||
idp:
|
||||
|
|
|
|||
|
|
@ -0,0 +1,82 @@
|
|||
<!--
|
||||
This is example metadata only. Do *NOT* supply it as is without review,
|
||||
and do *NOT* provide it in real time to your partners.
|
||||
-->
|
||||
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" ID="_7ac332ec794a51953c9e869a742d6b8a56b400bc" entityID="https://keyserver.cert.sunet.se/shibboleth">
|
||||
|
||||
<md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
|
||||
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
|
||||
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
|
||||
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
|
||||
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
|
||||
<alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
|
||||
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512"/>
|
||||
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384"/>
|
||||
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
|
||||
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224"/>
|
||||
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
|
||||
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
|
||||
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
|
||||
<alg:SigningMethod Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
|
||||
<alg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
|
||||
<alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
|
||||
<alg:SigningMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
|
||||
</md:Extensions>
|
||||
|
||||
<md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
|
||||
<md:Extensions>
|
||||
<init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://keyserver.cert.sunet.se/Shibboleth.sso/Login"/>
|
||||
<idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://keyserver.cert.sunet.se/Shibboleth.sso/Login" index="1"/>
|
||||
</md:Extensions>
|
||||
<md:KeyDescriptor>
|
||||
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
||||
<ds:KeyName>keyserver.cert.sunet.se</ds:KeyName>
|
||||
<ds:X509Data>
|
||||
<ds:X509SubjectName>CN=keyserver.cert.sunet.se</ds:X509SubjectName>
|
||||
<ds:X509Certificate>MIIEFzCCAn+gAwIBAgIUNbx9LI00dWhPes0ZdQsW2Jr3FIIwDQYJKoZIhvcNAQEL
|
||||
BQAwIjEgMB4GA1UEAxMXa2V5c2VydmVyLmNlcnQuc3VuZXQuc2UwHhcNMjUwMjEx
|
||||
MTMzMTE5WhcNMzUwMjA5MTMzMTE5WjAiMSAwHgYDVQQDExdrZXlzZXJ2ZXIuY2Vy
|
||||
dC5zdW5ldC5zZTCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBALux8ExF
|
||||
2dlhibEt1QRaPY9eE3R/GqUTh7R7AgntN6erkVl2iFGseEQSo9wxpEa8S2n4TWIN
|
||||
5zjJiMYSZQNln64/CoTyxKNjmB40Gia+Lsh0N+l/pkOv8kBcH1PIJP1k8oQOo3r6
|
||||
nYTNYZP2hV+yVL7BbMqG8pdWgTl63dMqKYegGaSu5hyC0VwDF63HeGTx++vO9rtL
|
||||
ek/Q616mipvzYmi5IHYol8RGEpGSZ/SJFeKvZlkkW6BrNTGwleGbPLKxbEB/CMTY
|
||||
2r0PBcr3/8fLnd1pSgCnfiuF1bweDdX4MjX385uc/FHR+s8BammtM0BP8Z8JAaFy
|
||||
ZN2gkAZ0usBBlS6SukUvtahFsMrkg6PTnJpgejS+qfn851v1v++ON3fHOqF8cIe9
|
||||
NjHi/8d0XAnsk6szfpQbdrhwiUXNml81yWeCbo/3yiToCYLFd0kwmFM7mzWEWM0n
|
||||
2QTjivW5iI43aUnIxvEb42E/UNws7YlM5zyaJoRBRP0EU50Cv8OIHtw+lQIDAQAB
|
||||
o0UwQzAiBgNVHREEGzAZghdrZXlzZXJ2ZXIuY2VydC5zdW5ldC5zZTAdBgNVHQ4E
|
||||
FgQUZ76LSO7ZeZI+JygC8tOTTso0k8gwDQYJKoZIhvcNAQELBQADggGBACUd3fnY
|
||||
nPYAwipiQzI4o/k+termLv/CQnrr6PUYz78T60PY8opLLRnwVuIRNe/F6w6JULfF
|
||||
HZ8NE1qcSvSjKtlyFyV5ZuCfC3aOzjhvMc5QK5yTq/wxTnYUUHkSoZWV3JgSK8tt
|
||||
5kjf8DvUmP7Wmzz5YpI7cL6IF/ovwa+cR0/SZH/PK32bzc1AdotFNfpfT/QI2siA
|
||||
1BW9xW2s73vkwRxa8q8AZfo9g1giiKgmRhjoIUAC30pAGqwGSah5pU7NRJ2qx7jK
|
||||
s0C/mJgjVN73MfSLoWNzqYvvJQtMTviIwXh/4O4RG7gigaKlm+JEmqwhPkl6tuSa
|
||||
atuTxabaD/qn6MghbYyeXnumPlgaFdou8CX0l0flRpSFnKt5bQgb4+7RzJbXm5L1
|
||||
GJPgxItu0X09xPYrjr28E/sh7EPnjRVW8FIwi5q9Mrca1H+d4Qfj1CzmGJCoWv0M
|
||||
9wW9f9ZuNqxSD7GOWkW2vlcswG4Wofn9e3ZcQDwIkE/uoU3HWQ3ldBo5Rw==
|
||||
</ds:X509Certificate>
|
||||
</ds:X509Data>
|
||||
</ds:KeyInfo>
|
||||
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
|
||||
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes192-gcm"/>
|
||||
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#aes256-gcm"/>
|
||||
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
|
||||
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
|
||||
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
|
||||
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
|
||||
<md:EncryptionMethod Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
|
||||
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
|
||||
</md:KeyDescriptor>
|
||||
<md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://keyserver.cert.sunet.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
|
||||
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://keyserver.cert.sunet.se/Shibboleth.sso/SLO/SOAP"/>
|
||||
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://keyserver.cert.sunet.se/Shibboleth.sso/SLO/Redirect"/>
|
||||
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://keyserver.cert.sunet.se/Shibboleth.sso/SLO/POST"/>
|
||||
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://keyserver.cert.sunet.se/Shibboleth.sso/SLO/Artifact"/>
|
||||
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://keyserver.cert.sunet.se/Shibboleth.sso/SAML2/POST" index="1"/>
|
||||
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://keyserver.cert.sunet.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
|
||||
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://keyserver.cert.sunet.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
|
||||
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://keyserver.cert.sunet.se/Shibboleth.sso/SAML2/ECP" index="4"/>
|
||||
</md:SPSSODescriptor>
|
||||
|
||||
</md:EntityDescriptor>
|
||||
Loading…
Add table
Reference in a new issue