mahara-contributors team mailing list archive

Thread
Date

[Bug 1800058] Re: Allow saml auth to rotate SP certificate

To: mahara-contributors@xxxxxxxxxxxxxxxxxxx
From: Robert Lyon <robertl@xxxxxxxxxxxxxxx>
Date: Mon, 29 Oct 2018 20:31:19 -0000
Reply-to: Bug 1800058 <1800058@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

The patch https://reviews.mahara.org/#/c/9254/7 allows one to have 2
certs in play at once and then to remove the older certificate via the
Admin -> Extensions interface.

What it is lacking is to be able to create a self-signed cert that
contains things like subjectAltName - due limitations in the PHP inbuilt
openssl_* functions

What would also be good to have is the ability to paste in a cert.conf
file details to use that to make the self signed cert (or at very least
to copy local/commandline generated cert / pem files into place)

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
Matching subscriptions: Subscription for all Mahara Contributors -- please ask on #mahara-dev or mahara.org forum before editing or unsubscribing it!
https://bugs.launchpad.net/bugs/1800058

Title:
  Allow saml auth to rotate SP certificate

Status in Mahara:
  In Progress

Bug description:
  Need a system where we can create a new certificate without dropping
  the old certificate until all IdP's are up to date with new metadata

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1800058/+subscriptions

References

[Bug 1800058] [NEW] Allow saml auth to rotate SP certificate
From: Robert Lyon, 2018-10-26