Include certificate in generated metadata #150

zxaos · 2016-04-05T16:28:56Z

If passport-saml is configured with a privateCert, the generated metadata does not include the corresponding public certificate.

It would be useful to either have another parameter we could pass to include the public certificate in the metadata, or if it would be added automatically if the privateCert file contained both the private key and the public cert.

zxaos · 2016-04-12T18:21:14Z

For anyone else who comes across this issue - you can get the key to show up in the metadata by also configuring decryptionPvk and providing the certificate in the generateServiceProviderMetadata. It doesn't appear to be possible to only have the key present for signing, or to have different signing and decryption keys.

benjamine · 2018-01-12T16:39:00Z

@zxaos I'm making a first attempt to support separate signing and encription certs in metadata,
with pull #255

benjamine mentioned this issue Jan 12, 2018

SP metadata: distinguish signing and encryption certs #255

Closed

snyk-bot mentioned this issue Dec 2, 2020

[Snyk] Upgrade xmldom from 0.1.31 to 0.4.0 elenia/futurice-passport-saml#1

Open

node-saml locked and limited conversation to collaborators Sep 21, 2021

cjbarth closed this as completed Sep 21, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

This issue was moved to a discussion.

Include certificate in generated metadata #150

Include certificate in generated metadata #150

zxaos commented Apr 5, 2016

zxaos commented Apr 12, 2016

benjamine commented Jan 12, 2018

This issue was moved to a discussion.

This issue was moved to a discussion.

Include certificate in generated metadata #150

Include certificate in generated metadata #150

Comments

zxaos commented Apr 5, 2016

zxaos commented Apr 12, 2016

benjamine commented Jan 12, 2018

This issue was moved to a discussion.