We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
When using both certificate and alt_certs when creating a ServiceProvider, certain identity providers do not like the metadata generated.
certificate
alt_certs
ServiceProvider
const fs = require('fs'); const saml2 = require('saml2-js'); // Generate a certificate with: // openssl req -x509 -sha256 -nodes -days 3 -newkey rsa:2048 -keyout old.pem -out old.crt -extensions v3_ca var sp = new saml2.ServiceProvider({ assert_endpoint: "https://sp.example.com/assert", entity_id: "https://sp.example.com/metadata.xml", certificate: fs.readFileSync("new.crt").toString(), private_key: fs.readFileSync("new.pem").toString(), alt_certs: [fs.readFileSync("old.crt").toString()], alt_private_keys: [fs.readFileSync("old.crt").toString()] }); var metadata = sp.create_metadata(); console.log(metadata);
Taking that generated metadata and using it (for example) with ADFS:
Searching for MSIS7508 indicates that ADFS does not know what to do with multiple encryption certificates.
The text was updated successfully, but these errors were encountered:
No branches or pull requests
When using both
certificateandalt_certswhen creating aServiceProvider, certain identity providers do not like the metadata generated.Taking that generated metadata and using it (for example) with ADFS:
Searching for MSIS7508 indicates that ADFS does not know what to do with multiple encryption certificates.
The text was updated successfully, but these errors were encountered: