diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/opensaml/config/JPAXMLObjectProviderInitializer.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/opensaml/config/JPAXMLObjectProviderInitializer.java
index b13078e56..5bcba70bf 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/opensaml/config/JPAXMLObjectProviderInitializer.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/opensaml/config/JPAXMLObjectProviderInitializer.java
@@ -8,7 +8,7 @@ public class JPAXMLObjectProviderInitializer extends AbstractXMLObjectProviderIn
protected String[] getConfigResources() {
return new String[]{
"/jpa-default-config.xml",
- "/encryption-config.xml",
+ "/jpa-encryption-config.xml",
"/jpa-saml2-assertion-config.xml",
"/jpa-saml2-metadata-algorithm-config.xml",
"/jpa-saml2-metadata-attr-config.xml",
diff --git a/testbed/authentication/shibboleth-idp/metadata/dynamic/700bfe6fa4495100f5c193fa5b7ca4192c150923.xml b/testbed/authentication/shibboleth-idp/metadata/dynamic/700bfe6fa4495100f5c193fa5b7ca4192c150923.xml
index 3d2f94edf..816c9d1ed 100644
--- a/testbed/authentication/shibboleth-idp/metadata/dynamic/700bfe6fa4495100f5c193fa5b7ca4192c150923.xml
+++ b/testbed/authentication/shibboleth-idp/metadata/dynamic/700bfe6fa4495100f5c193fa5b7ca4192c150923.xml
@@ -15,6 +15,52 @@
+
+
+
+
+ MIICpzCCAY+gAwIBAgIBATANBgkqhkiG9w0BAQUFADAXMRUwEwYDVQQDDAwzODM1
+ YTU5NjdjMjEwHhcNMjMwNDEwMTg0MTM5WhcNNDMwNDEwMTg0MTM5WjAXMRUwEwYD
+ VQQDDAwzODM1YTU5NjdjMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+ AQCQWxxf38Fa4VLYUPRn9Lb+Fvyy7wlrOtYdj7yG+PN0qKE3B+ye+vj9iiLLJBfe
+ CqJMzjivJcWjz6PYp9XDHJl3m3BchiGakwCnQahWps2qo9wdbN+QNj0VxE8E2JuB
+ CMRIL+qUpwbn81QLTwZDk/9W8tAJzZ9n1m9uo/uuFjObGUMJ8r4KjX8IeX2xNhUz
+ HtIjmHKR5gUKflKkkpwNa/AvPX7O1a4ML92bBGmtOe3DoOgzILUIP4klWDJFoA1e
+ Ok6tz3GqQ62JXHKHWJh5+r6olvZyfQ2TynfODoCHYVi99TDV7QZMY9HBLATVI2TE
+ IMz8qeCgBinEhr6fj1rIaOmHAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBAHL4bMge
+ gJgyooagqTL7UUp3ZVSrYEEpTCR1l7JgmdvunGk8qxNVqu0Ir5HGJhy6/MiSkVkM
+ hgpBKC+yeV7hFbVEdMEABMs7Ge+uMtsDQs1wa9uT+FjMJ00ibtDMYqQfQ2F9bddI
+ 58VbYmxpxKsflaZGo6gKWwllreFXzfxAdOCAMwbLyZS/plX+pXEAXTNQO6wXcioZ
+ VMsjAf1gmmTeSccTNWscaloYcRyND3slGaKShWOwm7AupA+7KwHj9PqSnj4kXR1f
+ 9pwd6uZ9jhCb/fh2Xna2Blq+1H1juKKxYCESgA+6xb70EwCqAx71pnHChkTIDNOp
+ ZhiDnL3iAjiYgPQ=
+
+
+
+
+
+
+
+
+ MIICpzCCAY+gAwIBAgIBATANBgkqhkiG9w0BAQUFADAXMRUwEwYDVQQDDAwzODM1
+ YTU5NjdjMjEwHhcNMjMwNDEwMTg0MTM5WhcNNDMwNDEwMTg0MTM5WjAXMRUwEwYD
+ VQQDDAwzODM1YTU5NjdjMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+ AQCQWxxf38Fa4VLYUPRn9Lb+Fvyy7wlrOtYdj7yG+PN0qKE3B+ye+vj9iiLLJBfe
+ CqJMzjivJcWjz6PYp9XDHJl3m3BchiGakwCnQahWps2qo9wdbN+QNj0VxE8E2JuB
+ CMRIL+qUpwbn81QLTwZDk/9W8tAJzZ9n1m9uo/uuFjObGUMJ8r4KjX8IeX2xNhUz
+ HtIjmHKR5gUKflKkkpwNa/AvPX7O1a4ML92bBGmtOe3DoOgzILUIP4klWDJFoA1e
+ Ok6tz3GqQ62JXHKHWJh5+r6olvZyfQ2TynfODoCHYVi99TDV7QZMY9HBLATVI2TE
+ IMz8qeCgBinEhr6fj1rIaOmHAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBAHL4bMge
+ gJgyooagqTL7UUp3ZVSrYEEpTCR1l7JgmdvunGk8qxNVqu0Ir5HGJhy6/MiSkVkM
+ hgpBKC+yeV7hFbVEdMEABMs7Ge+uMtsDQs1wa9uT+FjMJ00ibtDMYqQfQ2F9bddI
+ 58VbYmxpxKsflaZGo6gKWwllreFXzfxAdOCAMwbLyZS/plX+pXEAXTNQO6wXcioZ
+ VMsjAf1gmmTeSccTNWscaloYcRyND3slGaKShWOwm7AupA+7KwHj9PqSnj4kXR1f
+ 9pwd6uZ9jhCb/fh2Xna2Blq+1H1juKKxYCESgA+6xb70EwCqAx71pnHChkTIDNOp
+ ZhiDnL3iAjiYgPQ=
+
+
+
+
urn:oasis:names:tc:SAML:2.0:nameid-format:transient
urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
@@ -22,4 +68,4 @@
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
-
+
\ No newline at end of file
diff --git a/testbed/authentication/shibui/application.yml b/testbed/authentication/shibui/application.yml
index 73f30063f..942d3aaaf 100644
--- a/testbed/authentication/shibui/application.yml
+++ b/testbed/authentication/shibui/application.yml
@@ -10,8 +10,8 @@ shibui:
pac4j-enabled: true
pac4j:
keystorePath: "/conf/samlKeystore.jks"
- keystorePassword: "changeit"
- privateKeyPassword: "changeit"
+ keystorePassword: "password"
+ privateKeyPassword: "password"
serviceProviderEntityId: "https://unicon.net/test/shibui"
serviceProviderMetadataPath: "/conf/sp-metadata.xml"
identityProviderMetadataPath: "/conf/idp-metadata.xml"
diff --git a/testbed/authentication/shibui/saml-signing-cert.crt b/testbed/authentication/shibui/saml-signing-cert.crt
new file mode 100644
index 000000000..b316a0d31
Binary files /dev/null and b/testbed/authentication/shibui/saml-signing-cert.crt differ
diff --git a/testbed/authentication/shibui/saml-signing-cert.key b/testbed/authentication/shibui/saml-signing-cert.key
new file mode 100644
index 000000000..fc2dbca71
--- /dev/null
+++ b/testbed/authentication/shibui/saml-signing-cert.key
@@ -0,0 +1,28 @@
+-----BEGIN saml-signing-cert.key-----
+MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCQWxxf38Fa4VLY
+UPRn9Lb+Fvyy7wlrOtYdj7yG+PN0qKE3B+ye+vj9iiLLJBfeCqJMzjivJcWjz6PY
+p9XDHJl3m3BchiGakwCnQahWps2qo9wdbN+QNj0VxE8E2JuBCMRIL+qUpwbn81QL
+TwZDk/9W8tAJzZ9n1m9uo/uuFjObGUMJ8r4KjX8IeX2xNhUzHtIjmHKR5gUKflKk
+kpwNa/AvPX7O1a4ML92bBGmtOe3DoOgzILUIP4klWDJFoA1eOk6tz3GqQ62JXHKH
+WJh5+r6olvZyfQ2TynfODoCHYVi99TDV7QZMY9HBLATVI2TEIMz8qeCgBinEhr6f
+j1rIaOmHAgMBAAECggEAbFKSNjdXhnSyj/QfkqqFbqGdOkA5FyftZ/1mAPpq5c1s
+PDlMC/hUQx0XAsywxEPCilPtITD83/F+B6PZujGJz8DqTeOw76cDxH52bZ95kWSo
+VcRO9o5cxCqtCPvppKgJcgnSw32apw9mr527G5bA8mP+THzp8ydsMuAGihnK28Sz
+nDIiR8dVBdNUTzIm5gqMiNYnCWkAQ9Tsiq1a0uU8JW4f923U3lkXFlG2AOkvnr/H
+fGXfNJbOz1RmEd6nGAcDf1+Jb85FS7LFckeP25rGSBcfbLwCtykuUvzx6oDeqIEt
+/eShYUSWtQf6ed1zXa1xrbTJUPwj/ILbayiCZJF7EQKBgQDdzo11mvv3tMmDtlH3
+1opqRKmUr42ih6cp0AwYKy2cFujd+kutPvgmlI0NKkEW8MtDVMpjTXvAoVCPxxVu
+/leb00wCWzge0gkYG+1WtopDqzHLlOoiNqTaAitZSArUNQkZBSE89NR2sK2awvr4
+oScK0JxmT129A2jWEcd2SAAdZQKBgQCmnAM1FPj66n3AmfX1fGOAZG6KGPDw88ZH
+84J1GT7NTweGvf/9wrkw6Wo7MVJPVUTIK/ypEP1sLa8Mn8/RDXMNRcDd6PHGEomU
+N4ZF6/zQI2DRbzVIxu9t0iicotf+yTOazaC4JLDz4aPYU2+uLdyJp4F5PnDy+L1A
+ZzKL/aACewKBgAsWZCPY13eOZfRbjMViyBB/1ipEjEPvm/+PEsuyfNksm/9cn6PN
+XgIvss1Rq2dGKiL3fhZwrRr39Vr6jKu7sw1rBoWnoaqIvUOjQb3v6gFv8VFH5FxJ
+dvwe16Pi4gexjv7dLsgpROWZ91OhI4KCK71yqB7FIN5t6TOqN9pFxxuxAoGAa+Gx
+ofmGjtKvwrrurJpyw3xEp18nBJ6U0Zo36yMBq2d09CarT+F6kNVTWCjDp2MLOqJg
+5AiAUD/0jTQeGLuguANms0pW4261byfU5gm8lfmSg4qC8jD+cBoY+fPn8K7Pn3lu
+jE4V1pVQxo6gTiScHPY9vAhWkr3FraIk9Mixh2kCgYEAzVYGTLKOaCK+k3td+io2
+4Aikqv1Sy07o4r0/bv1ReE1NSdGezf5Ign1bz5RBWYTz27kpTh/pYr6HXQodHjsQ
+EZfODuFcyPA2iDgU3Xb3sA0iW3wz8fmgeN3/Yaz0Gf6a/6Lzgh0yDV83qfoWpjsZ
+zA7Iu2Ui1N5kAqZqloeifsk=
+-----END saml-signing-cert.key-----
diff --git a/testbed/authentication/shibui/saml-signing-cert.pem b/testbed/authentication/shibui/saml-signing-cert.pem
new file mode 100644
index 000000000..d224a1fb1
--- /dev/null
+++ b/testbed/authentication/shibui/saml-signing-cert.pem
@@ -0,0 +1,17 @@
+-----BEGIN saml-signing-cert.pem-----
+MIICpzCCAY+gAwIBAgIBATANBgkqhkiG9w0BAQUFADAXMRUwEwYDVQQDDAwzODM1
+YTU5NjdjMjEwHhcNMjMwNDEwMTg0MTM5WhcNNDMwNDEwMTg0MTM5WjAXMRUwEwYD
+VQQDDAwzODM1YTU5NjdjMjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQCQWxxf38Fa4VLYUPRn9Lb+Fvyy7wlrOtYdj7yG+PN0qKE3B+ye+vj9iiLLJBfe
+CqJMzjivJcWjz6PYp9XDHJl3m3BchiGakwCnQahWps2qo9wdbN+QNj0VxE8E2JuB
+CMRIL+qUpwbn81QLTwZDk/9W8tAJzZ9n1m9uo/uuFjObGUMJ8r4KjX8IeX2xNhUz
+HtIjmHKR5gUKflKkkpwNa/AvPX7O1a4ML92bBGmtOe3DoOgzILUIP4klWDJFoA1e
+Ok6tz3GqQ62JXHKHWJh5+r6olvZyfQ2TynfODoCHYVi99TDV7QZMY9HBLATVI2TE
+IMz8qeCgBinEhr6fj1rIaOmHAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBAHL4bMge
+gJgyooagqTL7UUp3ZVSrYEEpTCR1l7JgmdvunGk8qxNVqu0Ir5HGJhy6/MiSkVkM
+hgpBKC+yeV7hFbVEdMEABMs7Ge+uMtsDQs1wa9uT+FjMJ00ibtDMYqQfQ2F9bddI
+58VbYmxpxKsflaZGo6gKWwllreFXzfxAdOCAMwbLyZS/plX+pXEAXTNQO6wXcioZ
+VMsjAf1gmmTeSccTNWscaloYcRyND3slGaKShWOwm7AupA+7KwHj9PqSnj4kXR1f
+9pwd6uZ9jhCb/fh2Xna2Blq+1H1juKKxYCESgA+6xb70EwCqAx71pnHChkTIDNOp
+ZhiDnL3iAjiYgPQ=
+-----END saml-signing-cert.pem-----
diff --git a/testbed/authentication/shibui/samlKeystore.jks b/testbed/authentication/shibui/samlKeystore.jks
new file mode 100644
index 000000000..db7290260
Binary files /dev/null and b/testbed/authentication/shibui/samlKeystore.jks differ
diff --git a/testbed/authentication/shibui/sp-metadata.xml b/testbed/authentication/shibui/sp-metadata.xml
new file mode 100644
index 000000000..8e69e2ef3
--- /dev/null
+++ b/testbed/authentication/shibui/sp-metadata.xml
@@ -0,0 +1,36 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ urn:oasis:names:tc:SAML:2.0:nameid-format:transient
+ urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
+ urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
+ urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
+
+
+