Changes between Version 4 and Version 5 of IdpKeyRollOver


Ignore:
Timestamp:
07/08/11 14:08:02 (13 years ago)
Author:
jpmitchell@…
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • IdpKeyRollOver

    v4 v5  
    212212-bash-3.2$ cp idp.new.jks /opt/shibboleth-idp/credentials/ 
    213213}}} 
     214 
     21511. Edit the tomcat server.xml config file to change to the new Java Key Store for the back channel query. 
     216{{{ 
     217-bash-3.2$ svn co svn+ssh://sxjpm@iron.alaska.edu/usr/local/iam/shib-svn/tomcat/trunk/conf 
     218-bash-3.2$ vi conf/server.xml 
     219... 
     220            <!-- added per shibb installation --> 
     221            <Connector port="8443" 
     222                   protocol="org.apache.coyote.http11.Http11Protocol" 
     223                   SSLImplementation="edu.internet2.middleware.security.tomcat6.DelegateToApplicationJSSEImplementation" 
     224                   scheme="https" 
     225                   SSLEnabled="true" 
     226                   clientAuth="true" 
     227                   keystoreFile="/opt/shibboleth-idp/credentials/idp.new.jks" 
     228                   keystorePass="shibbpass" /> 
     229... 
     230:wq! 
     231-bash-3.2$ svn ci conf/server.xml -m "Changed back channel query to use new key/cert." 
     232}}} 
     233 
     23412. Test config changes according to [[https://iam.alaska.edu/shib/wiki/TestIdPConfig|Test IdP Config Change]] procedure.