...
- Create the key and add it to the software to be able to decrypt incoming messages.
- Upload the new XML with the new cert to metato metadata.swamid.se and /admin and request publication. Wait until you get confirmation of publication and then for at least 8 h more (recommended 24 h if in SWAMID and 48 h in eduGAIN) for all entities to pick up the new cert/key. All
- All encrypted messages should now come with the new key. Skip to 5
- skip Skip to 5
- Disable / remove key from software.
...
- Create the key.
- Upload the new XML with both new and old cert to meta.swamid.se and request publication.to metadata.swamid.se/admin and request publication. Wait until you get confirmation of publication and then for at least 8 h more (recommended 24 h if in SWAMID and 48 h in eduGAIN) for all entities to pick up the new cert/key.
- All Entites should now have out new Signing-key/cert. Switch in software to start signing with new key. Disable / remove old key from software.
- Request removal of old cert via metadata.swamid.se/admin .
- We are done
Rolling combined encryption/signing key
- Create the key and add it to the software to be able to decrypt incoming messages.
- Upload the new XML with the old cert (marked use=signing) and new cert without any use attribute to metadata.swamid.se/admin and request publication. Wait until you get confirmation of publication and then for at least 8 h more (recommended 24 h if in SWAMID and 48 h in eduGAIN) for all entities to pick up the new cert/key.
- All encrypted messages should now come with the new key and all Entites should now have out new Signing-key/cert. Switch in software to start signing with new key.
- Request removal of old cert via metadata.swamid.se/admin and request publication. Wait until you get confirmation of publication and then for at least 8 h more (recommended 24 h if in SWAMID and 48 h in eduGAIN) for all entities to stop using the old encryption cert/key. skip to 5
- Disable / remove key from software.
Gamla sidor
...