Metadata Signing Key

Created by Peter Brand on 21. Nov 2013

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

All Metadata documents published by ACOnet for the eduID.at service are signed with a 2048-bit sized private key that corresponds to the public key contained in the self-issued X.509 certificate reproduced below in Base64-encoded DER format:

-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIJAJS+3dUtfj7NMA0GCSqGSIb3DQEBBQUAMIG4MQswCQYD
VQQGEwJBVDEjMCEGA1UEChMaQUNPbmV0IC8gVW5pdmVyc2l0YWV0IFdpZW4xOTA3
BgNVBAsTMFplbnRyYWxlciBJbmZvcm1hdGlrZGllbnN0IGRlciBVbml2ZXJzaXRh
ZXQgV2llbjEkMCIGA1UEAxMbQUNPbmV0IE1ldGFkYXRhIFNpZ25pbmcgS2V5MSMw
IQYJKoZIhvcNAQkBFhRhYWkuemlkQHVuaXZpZS5hYy5hdDAeFw0wODA1MjkxMjI3
MjBaFw0xODA1MjcxMjI3MjBaMIG4MQswCQYDVQQGEwJBVDEjMCEGA1UEChMaQUNP
bmV0IC8gVW5pdmVyc2l0YWV0IFdpZW4xOTA3BgNVBAsTMFplbnRyYWxlciBJbmZv
cm1hdGlrZGllbnN0IGRlciBVbml2ZXJzaXRhZXQgV2llbjEkMCIGA1UEAxMbQUNP
bmV0IE1ldGFkYXRhIFNpZ25pbmcgS2V5MSMwIQYJKoZIhvcNAQkBFhRhYWkuemlk
QHVuaXZpZS5hYy5hdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMEg
y0tuWObKZqwfH8pEqs1202hLLEf3A9dn6BSA6C8DeT1BMF1lj7JfM18qBcNp1paz
kSuO2fMI1NUJTuAXGUbfIsedhiV7PUOcYAbOMxP16eoYFAWtIn9j8TlqANlE6lIA
Y/C+o6FZM+awXomOydgpH70cPkEs5DJvmBLJgHMKcoIWrynw72Ejsbm7mAWnKpMB
mtCfAJA7oht5H6cnawhOUfCk7fD+uV4nufoPGAlNJqpdbwsw9DuPMuXSuUhw+D4Z
KRtgQGshojVEe2w0pFRJW97sm8I29AUCPqtIbuDaqXmY02NKU57uaGYUFuPXuDPo
CiRKElHHiNwkmep0nx8CAwEAAaOCASEwggEdMB0GA1UdDgQWBBRMDvgWXOITq/Y4
pQcczif+Ly7y4zCB7QYDVR0jBIHlMIHigBRMDvgWXOITq/Y4pQcczif+Ly7y46GB
vqSBuzCBuDELMAkGA1UEBhMCQVQxIzAhBgNVBAoTGkFDT25ldCAvIFVuaXZlcnNp
dGFldCBXaWVuMTkwNwYDVQQLEzBaZW50cmFsZXIgSW5mb3JtYXRpa2RpZW5zdCBk
ZXIgVW5pdmVyc2l0YWV0IFdpZW4xJDAiBgNVBAMTG0FDT25ldCBNZXRhZGF0YSBT
aWduaW5nIEtleTEjMCEGCSqGSIb3DQEJARYUYWFpLnppZEB1bml2aWUuYWMuYXSC
CQCUvt3VLX4+zTAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQASWCbG
/jR4a8lxYvRoh+B7KDQa95R4UPnN1A+pIsGcEkYPa8thqpnHH6vCm6VioIc34wfw
KtruBYVfxrT8Bh7A2kuRCpnXzZtMnFsxRJP5GB28VJc7m7Ev4OjOOVglahPM7xFu
gVFxsxYimah1JQIMAJPHFYgwhEEPMmuwpCd0S9Lj6yVc0VVW0NBeaqTTBRRAQdKX
ekwKYe5tVVuZV/zyXDaXJbCVwEz620VQjJ7o0aU06eJ8Sr3Q4DpXz74b/baWOhA9
3tuzubdIm+mTaEDggMgAV3cZJg+djx2eSmyDQVwxaOZ3ESiR1Gcoz0vCsg8smrZJ
wM0aEN5quFWfiFFE
-----END CERTIFICATE-----

The SHA1 fingerprint of the certificate containing that public key currently is this:

EE:37:0A:C2:77:56:F8:8B:45:3A:9B:7D:F2:F0:CA:24:C2:14:33:72

To check the fingerprint of the downloaded certificate use the openssl command, e.g.:

openssl x509 -noout -fingerprint -sha1 -in aconet-metadata-signing.crt

This certificate/public key can also be securely downloaded via HTTPS from this location:

eduID.at SAML Metadata Signing Key

https://eduid.at/keys/aconet-metadata-signing.crt

No labels