Changing the display name of the site shouldn't break the SAML private key pass

Bug #1829108 reported by Robert Lyon on 2019-05-15
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Mahara
High
Robert Lyon

Bug Description

If we change the site name for a site that uses SAML it breaks the ability to login via SAML

We can roll the certificates and delete old ones to fix this problem but it means the IdPs will need to update their info about the SP certificate so no one can log in until this is done.

We should have a static SAML private key that is part of the saml auth plugin rather than rely on site name

Robert Lyon (robertl-9) on 2019-05-15
Changed in mahara:
assignee: nobody → Robert Lyon (robertl-9)
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers