...
Code Block | ||
---|---|---|
| ||
# Step 1: Download a copy of the metadata signing certificate via a secure channel $ MD_CERT_LOCATION=https://ds.incommon.org/certs/inc-md-cert.pem $ MD_CERT_PATH=/path/to/inc-md-cert.pem $ /usr/bin/curl --silent $MD_CERT_LOCATION > $MD_CERT_PATH # Step 2: Compute the SHA-1 and SHA-256 fingerprints of the metadata signing certificate $ /bin/cat $MD_CERT_PATH | /usr/bin/openssl x509 -sha1 -noout -fingerprint SHA1 Fingerprint=7D:B4:BB:28:D3:D5:C8:52:E0:80:B3:62:43:2A:AF:34:B2:A6:0E:DD $ /bin/cat $MD_CERT_PATH | /usr/bin/openssl x509 -sha256 -noout -fingerprint SHA256 Fingerprint=2F:9D:9A:A1:FE:D1:92:F0:64:A8:C6:31:5D:39:FA:CF:1E:08:84:0D:27:21:F3:31:B1:70:A5:2B:88:81:9F:5B |
Tip | ||
---|---|---|
| ||
The Shibboleth SP on Windows ships with its own |
Step 3: The final step is to compare the computed fingerprints to the actual fingerprints. The latter are shown on this authoritative web page:
...