What must be done when changing the certificate of our service?¶
There may be two certificates in use at services connected to Feide:
The certificate used to secure communications to the web page (the https-certificate).
The Feide login system never communicates directly with your service. Instead all communication goes through the end user’s web browser. This means that there is no need to make any adjustments at Feide’s end when the https-certificate changes.
The certificate used in the SAML 2.0 service provider software.
SAML 2.0 allows service providers to sign and encrypt messages. Feide does not require signed messages from service providers, and does not encrypt messages to the services. The certificate configured in the SAML 2.0 software at the service is therefore not used by Feide, and can be updated any time the service requires it.