diff --git a/build.xml b/build.xml
index 0dae50d8..95626d60 100644
--- a/build.xml
+++ b/build.xml
@@ -470,6 +470,25 @@
+
+
+ Adding second Eduserv gateway certificate
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/build/add_second_eduserv_cert.pl b/build/add_second_eduserv_cert.pl
new file mode 100755
index 00000000..7fee1c6c
--- /dev/null
+++ b/build/add_second_eduserv_cert.pl
@@ -0,0 +1,56 @@
+#!/usr/bin/perl -w
+
+#
+# The input file is a fragment file that may or may not need to have
+# the new Eduserv gateway certificate added to it. Add the certificate if
+# required, or just re-export the file unchanged.
+#
+
+# This line indicates that the old certificate is present
+$old_cert_line = 'MIIDaTCCAtKgAwIBAgIQLqPCly3VfA8B2xVsTv59ajANBgkqhkiG9w0BAQUFADCB';
+
+# This line indicates that the new certificate is present
+$new_cert_line = 'new certificate value goes here';
+
+# The new certificate data
+$new_cert = <
+
+ gateway.athensams.net
+
+
+ new certificate value goes here
+
+
+
+
+EOF
+
+while (<>) {
+ if (/$old_cert_line/) {
+ $have_old_cert = 1;
+ } elsif (/$new_cert_line/) {
+ $have_new_cert = 1;
+ }
+
+ if ($ended) {
+ print $_;
+ } else {
+ push @lines, $_;
+ }
+
+ # at the end...
+ if (/<\/EntityDescriptor>/) {
+ # re-export the old file, adding the new certificate
+ while ($line = shift @lines) {
+ print $line;
+ if ($have_old_cert && !$have_new_cert && $line =~ /<\/KeyDescriptor>/) {
+ print $new_cert;
+ }
+ }
+ $ended = 1;
+ }
+
+}
+
+# end