From ac1136c8911e565dd635f1fd40c6a6c4826c5b21 Mon Sep 17 00:00:00 2001
From: skublik <lskublik@evolveum.com>
Date: Fri, 14 Sep 2018 10:22:56 +0200
Subject: [PATCH] adding of certificate for mP

---
 .../httpd/{ => grouper}/cachain-cer.pem       |  0
 .../httpd/{ => grouper}/host-cert.pem         |  0
 .../httpd/{ => grouper}/host-key.pem          |  0
 .../httpd/midpoint/host-cert.pem              | 22 ++++++++++
 .../httpd/midpoint/host-key.pem               | 28 +++++++++++++
 .../shibboleth/{ => grouper}/sp-cert.pem      |  0
 .../shibboleth/{ => grouper}/sp-key.pem       |  0
 .../shibboleth/midpoint/sp-cert.pem           | 22 ++++++++++
 .../shibboleth/midpoint/sp-key.pem            | 28 +++++++++++++
 .../mp-gr/docker-compose.yml                  | 34 +++++++++-------
 .../shibboleth-idp/metadata/midpoint-sp.xml   | 40 ++++++++++---------
 11 files changed, 141 insertions(+), 33 deletions(-)
 rename shibboleth-integration/mp-gr/configs-and-secrets/httpd/{ => grouper}/cachain-cer.pem (100%)
 rename shibboleth-integration/mp-gr/configs-and-secrets/httpd/{ => grouper}/host-cert.pem (100%)
 rename shibboleth-integration/mp-gr/configs-and-secrets/httpd/{ => grouper}/host-key.pem (100%)
 create mode 100644 shibboleth-integration/mp-gr/configs-and-secrets/httpd/midpoint/host-cert.pem
 create mode 100644 shibboleth-integration/mp-gr/configs-and-secrets/httpd/midpoint/host-key.pem
 rename shibboleth-integration/mp-gr/configs-and-secrets/shibboleth/{ => grouper}/sp-cert.pem (100%)
 rename shibboleth-integration/mp-gr/configs-and-secrets/shibboleth/{ => grouper}/sp-key.pem (100%)
 create mode 100644 shibboleth-integration/mp-gr/configs-and-secrets/shibboleth/midpoint/sp-cert.pem
 create mode 100644 shibboleth-integration/mp-gr/configs-and-secrets/shibboleth/midpoint/sp-key.pem

diff --git a/shibboleth-integration/mp-gr/configs-and-secrets/httpd/cachain-cer.pem b/shibboleth-integration/mp-gr/configs-and-secrets/httpd/grouper/cachain-cer.pem
similarity index 100%
rename from shibboleth-integration/mp-gr/configs-and-secrets/httpd/cachain-cer.pem
rename to shibboleth-integration/mp-gr/configs-and-secrets/httpd/grouper/cachain-cer.pem
diff --git a/shibboleth-integration/mp-gr/configs-and-secrets/httpd/host-cert.pem b/shibboleth-integration/mp-gr/configs-and-secrets/httpd/grouper/host-cert.pem
similarity index 100%
rename from shibboleth-integration/mp-gr/configs-and-secrets/httpd/host-cert.pem
rename to shibboleth-integration/mp-gr/configs-and-secrets/httpd/grouper/host-cert.pem
diff --git a/shibboleth-integration/mp-gr/configs-and-secrets/httpd/host-key.pem b/shibboleth-integration/mp-gr/configs-and-secrets/httpd/grouper/host-key.pem
similarity index 100%
rename from shibboleth-integration/mp-gr/configs-and-secrets/httpd/host-key.pem
rename to shibboleth-integration/mp-gr/configs-and-secrets/httpd/grouper/host-key.pem
diff --git a/shibboleth-integration/mp-gr/configs-and-secrets/httpd/midpoint/host-cert.pem b/shibboleth-integration/mp-gr/configs-and-secrets/httpd/midpoint/host-cert.pem
new file mode 100644
index 0000000..9b1021b
--- /dev/null
+++ b/shibboleth-integration/mp-gr/configs-and-secrets/httpd/midpoint/host-cert.pem
@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDqDCCApCgAwIBAgIJAMOSkn4oS2aAMA0GCSqGSIb3DQEBCwUAMGkxCzAJBgNV
+BAYTAlVTMQswCQYDVQQIDAJNSTESMBAGA1UEBwwJQW5uIEFyYm9yMRcwFQYDVQQK
+DA5JbnRlcm5ldDIvVElFUjEgMB4GA1UEAwwXbWlkcG9pbnQuc3AuZXhhbXBsZS5v
+cmcwHhcNMTgwOTE0MDU1OTQ1WhcNMTkwOTE0MDU1OTQ1WjBpMQswCQYDVQQGEwJV
+UzELMAkGA1UECAwCTUkxEjAQBgNVBAcMCUFubiBBcmJvcjEXMBUGA1UECgwOSW50
+ZXJuZXQyL1RJRVIxIDAeBgNVBAMMF21pZHBvaW50LnNwLmV4YW1wbGUub3JnMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApj/b7MEUSfu3oXMfNgRwTse7
+a5UV7Jswf1M/ZN/ZZkAkIxNBevZgozjesvLPWrmsTgONi7XigJUJvCjdjmlW9eDM
+lri/rkD8HuOR1DQCVKL9nvoS2c3D7sq5Emda3V8Tlj82VqfEmePd3sajx7mcTfbH
+8jwAL9NhkC+WMib5IpjLGpG0FEAC0ha7Lxb+7jIiqHVJaqLXJGCyGN4mh6c1Q9S1
+f8RVTiW2a8x22G+9wnZYbkiA2Kxls177imHlhSz8EdvV4IpGw1amrEWhhuDEum7B
+vZ1xQDLatgRqh4qAKLIVYeRnJ8H1FelMa90qB4G08MIPifmTsQwqJyBYaEdgWQID
+AQABo1MwUTAdBgNVHQ4EFgQUqb9BteODF6wv5R57aEON/wGXMiowHwYDVR0jBBgw
+FoAUqb9BteODF6wv5R57aEON/wGXMiowDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG
+9w0BAQsFAAOCAQEAAcKhxI+tSItrXmqC0PSmgWyAYpqbkz6W/cefTutXqhIgY09f
+h0LSv7ogTahoGpyiZk9vy6u3OE9bYwxapEfa4KBjO6HxBMIVBBb3RegVjoPzjElN
+BDwAx0VGFcZTXwMxDWycWdG8ql7rCZBvS50w04uTaIgnGmqXAdWWmBgfJ9cRbxW+
+JwO/mOl1QM1lR/5142NpvuUVWlmZSKEGydE5A1qPz2wpDbBR1ym1BQNS4NEqw6Kp
+GSB8jKyCS1Ve0v2wVze2038Wukz02dq9uKPTIO3T+B+ibZmxn6Op/kFCc1/kK5NS
+Q6JdO1B6KquGAYdGmKAcQ19mv+jqGktqWEEf0g==
+-----END CERTIFICATE-----
diff --git a/shibboleth-integration/mp-gr/configs-and-secrets/httpd/midpoint/host-key.pem b/shibboleth-integration/mp-gr/configs-and-secrets/httpd/midpoint/host-key.pem
new file mode 100644
index 0000000..5746e59
--- /dev/null
+++ b/shibboleth-integration/mp-gr/configs-and-secrets/httpd/midpoint/host-key.pem
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCmP9vswRRJ+7eh
+cx82BHBOx7trlRXsmzB/Uz9k39lmQCQjE0F69mCjON6y8s9auaxOA42LteKAlQm8
+KN2OaVb14MyWuL+uQPwe45HUNAJUov2e+hLZzcPuyrkSZ1rdXxOWPzZWp8SZ493e
+xqPHuZxN9sfyPAAv02GQL5YyJvkimMsakbQUQALSFrsvFv7uMiKodUlqotckYLIY
+3iaHpzVD1LV/xFVOJbZrzHbYb73CdlhuSIDYrGWzXvuKYeWFLPwR29XgikbDVqas
+RaGG4MS6bsG9nXFAMtq2BGqHioAoshVh5GcnwfUV6Uxr3SoHgbTwwg+J+ZOxDCon
+IFhoR2BZAgMBAAECggEAEIRBpjjceiku6jRUwnoYaks/nIWYQwR8AfpUTwJKR/VR
+Yca097Fokm7A+UhUP3A45RtHQb0VPq8P44iv0kk24YCu8r5yFK7SHYOAZnOwU5ZJ
+2jSAEPF3aM7tKh3okhuzB3dKP7u1NZDE5zAW723KUJiW7sL1RcsbY0bHBj6G+9/H
+NplmsjuGt684vRBB0qOBfKF7EiG7mT69tHuNj4gRza9SMY31UtKbZdt2fNY6mp5V
+HscMba7egZP+Ke0pVX4+go9j7K8GG8hYaQDLjrzlPqrxZ2c5X9cC+CRDI/CHuL/s
+V/2yGZJ6n6UabwZoH83RdFrbQ94rU8Hkli6EvxXvMQKBgQDRpheNW5jDG5TfeJKh
+yfKTDQqH2Tk3BsBYYBN7Hf3m7vbkzlxnAKJAoSLmtRMuoeXvI5MrhzaHGsNIUS76
+LDIZnvB7DLUxhFUZsCPkpAA1QHuTWY96oR3PHnPjpk8lSUvtbOPwDLdzVApeFJgZ
+VqMNArZ7AHsK3Kkyi+f4WVQjbQKBgQDLAWiGb5dx6fAM2W6B6HjNmzjBWOuVEXa2
+76to9jzupBZmETfZgxtWUaWUDuNS+f7dtVUTE+p6v/w8clrHEhEZYkqunIOLo/UA
+LFPiuoTfEsWb1rh+nsCjCgy4uimixj/bSkf7NC6NyKTvCygA1mGnVVJUEPegYlDy
+LXCkaKWxHQKBgQCmyHSKL2lrJkEcOwakEU2acNCE3Gno/cT9SYmV83kvQ8JEqmrW
+QqnRsp9aXIljGscapPmKsmnNt5vNp1AxFAHTYh88NRLczsMIyZj0ZwgHVUI6KhC7
+5Psa78YQQBlMt2/g9TSsnuE+rYgF6mpKFiNm0Vasqeg47uzn2mdzqlUGTQKBgE04
+JutkTUY+h1pL5vYxWKpVDfy19z7H2tFxT1FowPrBneeLSyRI88Ac5I/yLdRlVeY9
+0LOmEr5Igwj3MsKgg7KVKfVLgdo/LrW3Jt2Kt3onKNXDkoBPoNUjwH0QC0Boiue+
+VK0gR0kVdm+bXccbxR+im+NwZNE0NLg6Qqu3RredAoGBALuVoqbPPmTCZXYG328H
+bzOs2aiR7BzPSVByV+qG6jW7w03RAnFPJZp7HMU+ViI5VY0wabUscMSvz5163+gM
+4KwY3v9ZjZzZGukIfLuudkdqtaiVOx/KeAC0n+nG21YU+wpZww8gkfHh1/sa2CME
+CWYCgOnmiTHcj83UaTqEXtmv
+-----END PRIVATE KEY-----
diff --git a/shibboleth-integration/mp-gr/configs-and-secrets/shibboleth/sp-cert.pem b/shibboleth-integration/mp-gr/configs-and-secrets/shibboleth/grouper/sp-cert.pem
similarity index 100%
rename from shibboleth-integration/mp-gr/configs-and-secrets/shibboleth/sp-cert.pem
rename to shibboleth-integration/mp-gr/configs-and-secrets/shibboleth/grouper/sp-cert.pem
diff --git a/shibboleth-integration/mp-gr/configs-and-secrets/shibboleth/sp-key.pem b/shibboleth-integration/mp-gr/configs-and-secrets/shibboleth/grouper/sp-key.pem
similarity index 100%
rename from shibboleth-integration/mp-gr/configs-and-secrets/shibboleth/sp-key.pem
rename to shibboleth-integration/mp-gr/configs-and-secrets/shibboleth/grouper/sp-key.pem
diff --git a/shibboleth-integration/mp-gr/configs-and-secrets/shibboleth/midpoint/sp-cert.pem b/shibboleth-integration/mp-gr/configs-and-secrets/shibboleth/midpoint/sp-cert.pem
new file mode 100644
index 0000000..0f5474e
--- /dev/null
+++ b/shibboleth-integration/mp-gr/configs-and-secrets/shibboleth/midpoint/sp-cert.pem
@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDqDCCApCgAwIBAgIJAKUZrfriIt9cMA0GCSqGSIb3DQEBCwUAMGkxCzAJBgNV
+BAYTAlVTMQswCQYDVQQIDAJNSTESMBAGA1UEBwwJQW5uIEFyYm9yMRcwFQYDVQQK
+DA5JbnRlcm5ldDIvVElFUjEgMB4GA1UEAwwXZXZvbHZldW0uc3AuZXhhbXBsZS5v
+cmcwHhcNMTgwOTE0MDU0NjU3WhcNMTkwOTE0MDU0NjU3WjBpMQswCQYDVQQGEwJV
+UzELMAkGA1UECAwCTUkxEjAQBgNVBAcMCUFubiBBcmJvcjEXMBUGA1UECgwOSW50
+ZXJuZXQyL1RJRVIxIDAeBgNVBAMMF2V2b2x2ZXVtLnNwLmV4YW1wbGUub3JnMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5v1zxlM94yaBssgNNbIUJwW
+XxbGxgSs2AWBeg2aEi/VQd2UE5ivZakNJlqWSJyHo2xE4kxeSyBBxinjSyhmpNao
+xIcqQsgW0gxo4SEHo3kUXWPo+of/pj6CslutsSJZWGTRV0dHITvaWX+NM8eXMfgu
+mJFwy3RMdLaWQhY1Dyi2jNoO+DZnfNgPyPeEZcmORaoeEID9QdZfHtcgTf2QfSHq
++xsTwHB6Ro5t7YD2ma8Krb/XcDTfsq3qJemd7LhPj5lGmhYSMgDbgwEkZgZ1kBOP
+lfsP2BvX5nipv7Vd1C5YXmv+NDR8V3yAWBC7ZAenxGmrnkaSVXnpUplUsGGm1QID
+AQABo1MwUTAdBgNVHQ4EFgQUuxSZwW6V1P/b0tsTM32OU/v/n+UwHwYDVR0jBBgw
+FoAUuxSZwW6V1P/b0tsTM32OU/v/n+UwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG
+9w0BAQsFAAOCAQEAJWLXEfZkPeUyiGvsIUjczzdF3ptqXoP9aETS2pOV9sTri19R
+TsQZW6XQRHGtuEOsqEGH8yiTdGR5hbGC+ynH/xTJnK+tBn/R3KrgxLKyMvoUzAPl
+mhVq1dh+ZEtbsRpQRRubP6nm9kXNma0cXrkJSzuWM0W+l/xSOOYiSRRk3XWJfVjn
+9jQlcJRh5SOkKN08oZHrCYKxToEuOfV8PtRj3T80DhsBTv2SHqhg4cBhzQPb0Kjm
+9m4IkYOz8c5ZtuHDGnqMHw60Nyt+jyik4mMFP2frcOVP0W0sgwcfHllYzHoA/Khq
+Yk3TBVs1BjPuNDJWHct8Eo68YP2/ZvzqfVM87Q==
+-----END CERTIFICATE-----
diff --git a/shibboleth-integration/mp-gr/configs-and-secrets/shibboleth/midpoint/sp-key.pem b/shibboleth-integration/mp-gr/configs-and-secrets/shibboleth/midpoint/sp-key.pem
new file mode 100644
index 0000000..b4c7a68
--- /dev/null
+++ b/shibboleth-integration/mp-gr/configs-and-secrets/shibboleth/midpoint/sp-key.pem
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDDm/XPGUz3jJoG
+yyA01shQnBZfFsbGBKzYBYF6DZoSL9VB3ZQTmK9lqQ0mWpZInIejbETiTF5LIEHG
+KeNLKGak1qjEhypCyBbSDGjhIQejeRRdY+j6h/+mPoKyW62xIllYZNFXR0chO9pZ
+f40zx5cx+C6YkXDLdEx0tpZCFjUPKLaM2g74Nmd82A/I94RlyY5Fqh4QgP1B1l8e
+1yBN/ZB9Ier7GxPAcHpGjm3tgPaZrwqtv9dwNN+yreol6Z3suE+PmUaaFhIyANuD
+ASRmBnWQE4+V+w/YG9fmeKm/tV3ULlhea/40NHxXfIBYELtkB6fEaaueRpJVeelS
+mVSwYabVAgMBAAECggEAeQxOdTaG9ro/puyUpZ40oA23mmiR4YCLJbNiiJFaQt7u
+7a+dLvNRt2uCA7YTQiP7nBooFpKD16HCkkrhqWT7AA8GqXero2AHHz0mugqim3sW
+KyTkzATVI5+TaaRqPC+xco4RLh2h2uMbID9atixRWE7pJuj6EC2MEr3bBlKPyyyj
+gYEi7PLZC5oEMHCZSteVik0yXI3kJJEneuVgFHTc+mwuz/qzqJP7f93i77c/FcRd
+pWCo1fg0Xuxh3M17Y/0e0ZzSBowbRVv7VkJDKZmdAYE+DaODdaIR8rrQVqkIEX4A
+4m/ufAS5j2Rck0MEY9mu5STQByo1EGiAsxTp8pVCkQKBgQD905GZiMIZ+yBM1aXa
+ZJj/BF2a/s/wf3N6YLtfobWGDAGXDIe07lr+jSK1+vYRcqHW/a6/H0JsVg+gD9Gs
+10p0ry8AVWqR+5GRRDUKBMBXVDxMFZybXvMzRnR67SJA6TVEirMHYeawtzEjzha0
+csIo0kCe3Ke22mR8aebFSFDonwKBgQDFSMTvC/y18k8n9NQ3Rsu2Z4itH3nZ3fM3
+e7+gFxQyCXJHR/kTaAPVb2HAsuA+lAemnEHJUhOjao0QiUilWkE44wSfx7LwFPWP
+XO89oOWGKhOclkzs2nvxOcC/pEjWm83cgOz/IPWqkw0/wefmh6RDcPz1JgwO2Jij
+P14FGG9YCwKBgQDPdmOlODBeB/Iomt+Kl3qtxaW0j9zp12JNfk7oJUY3IA0Uprss
+2T0qnbTnRQ5myGkbThHMSQKDhfwTeZqJSRakNKOYBDisxQ//yd4IKEYFmuYF0gxE
+ueDR4h5GcxfyMirFsRAPUqe5fKH/f+zy5HFp6B/FONkkDXDgd7aVPTxURQKBgF8q
+sUUXJTqnvqNpqQ1ZK1+8JeRNcLw2IuM64L9bIrTYdbYI9A/2dxL4fdE0+JN3WRF4
+AwwYeby044N8lfydwySr7kkdTiYeFi6oCAhUmyPTHE7G+iivZGaDE4Xeu/w6gF3E
+G48e2SMFeLiu0y0TdZvK31tqlRp8RXVKVhJjLSLtAoGBAP01ZMUJu5AU19c7xRTy
+kfVzE6PI+E8ZZ6qEWMs2Xt3NQL4Bffh94QQCmQYX3AY7xVD1gAQgbLXx4lEDQdzu
+i/kV4t+oeYwXSn1UEgOQj504qwR3gi4JZdfa0LbiMzhp9qyxofyk7Lre7Tc3Xmu1
+jyigTF7oAYoPBWk/mAthK1wO
+-----END PRIVATE KEY-----
diff --git a/shibboleth-integration/mp-gr/docker-compose.yml b/shibboleth-integration/mp-gr/docker-compose.yml
index 0273986..8658809 100644
--- a/shibboleth-integration/mp-gr/docker-compose.yml
+++ b/shibboleth-integration/mp-gr/docker-compose.yml
@@ -66,9 +66,10 @@ services:
        target: grouper_grouper-loader.properties
      - source: subject.properties
        target: grouper_subject.properties
-     - source: sp-key.pem
+     - source: grouper-sp-key.pem
        target: shib_sp-key.pem
-     - source: host-key.pem
+     - source: grouper-host-key.pem
+       target: host-key.pem
     volumes:
      - type: bind
        source: ./configs-and-secrets/grouper/grouper.properties
@@ -77,7 +78,7 @@ services:
        source: ./configs-and-secrets/grouper/grouper.client.properties
        target: /opt/grouper/conf/grouper.client.properties
      - type: bind
-       source: ./configs-and-secrets/shibboleth/sp-cert.pem
+       source: ./configs-and-secrets/shibboleth/grouper/sp-cert.pem
        target: /etc/shibboleth/sp-cert.pem
      - type: bind
        source: ./configs-and-secrets/shibboleth/grouper/shibboleth2.xml
@@ -86,10 +87,10 @@ services:
        source: ./configs-and-secrets/shibboleth/idp-metadata.xml
        target: /etc/shibboleth/idp-metadata.xml
      - type: bind
-       source: ./configs-and-secrets/httpd/host-cert.pem
+       source: ./configs-and-secrets/httpd/grouper/host-cert.pem
        target: /etc/pki/tls/certs/host-cert.pem
      - type: bind
-       source: ./configs-and-secrets/httpd/host-cert.pem
+       source: ./configs-and-secrets/httpd/grouper/host-cert.pem
        target: /etc/pki/tls/certs/cachain.pem
 
 
@@ -232,13 +233,14 @@ services:
      - back
     secrets:
      - m_database_password.txt
-     - source: sp-key.pem
+     - source: midpoint-sp-key.pem
        target: shib_sp-key.pem
-     - source: host-key.pem
+     - source: midpoint-host-key.pem
+       target: host-key.pem
     volumes:
      - midpoint_home:/opt/midpoint/var
      - type: bind
-       source: ./configs-and-secrets/shibboleth/sp-cert.pem
+       source: ./configs-and-secrets/shibboleth/midpoint/sp-cert.pem
        target: /etc/shibboleth/sp-cert.pem
      - type: bind
        source: ./configs-and-secrets/shibboleth/midpoint/shibboleth2.xml
@@ -247,10 +249,10 @@ services:
        source: ./configs-and-secrets/shibboleth/idp-metadata.xml
        target: /etc/shibboleth/idp-metadata.xml
      - type: bind
-       source: ./configs-and-secrets/httpd/host-cert.pem
+       source: ./configs-and-secrets/httpd/midpoint/host-cert.pem
        target: /etc/pki/tls/certs/host-cert.pem
      - type: bind
-       source: ./configs-and-secrets/httpd/host-cert.pem
+       source: ./configs-and-secrets/httpd/midpoint/host-cert.pem
        target: /etc/pki/tls/certs/cachain.pem
 
   idp:
@@ -293,14 +295,18 @@ secrets:
     file: ./configs-and-secrets/grouper/grouper.hibernate.properties
   grouper-loader.properties:
     file: ./configs-and-secrets/grouper/grouper-loader.properties
-  host-key.pem:
-    file: ./configs-and-secrets/httpd/host-key.pem
+  grouper-host-key.pem:
+    file: ./configs-and-secrets/httpd/grouper/host-key.pem
   rabbitmq_password.txt:
     file: ./configs-and-secrets/grouper/rabbitmq_password.txt
   subject.properties:
     file: ./configs-and-secrets/grouper/subject.properties
-  sp-key.pem:
-    file: ./configs-and-secrets/shibboleth/sp-key.pem
+  grouper-sp-key.pem:
+    file: ./configs-and-secrets/shibboleth/grouper/sp-key.pem
+  midpoint-host-key.pem:
+    file: ./configs-and-secrets/httpd/midpoint/host-key.pem
+  midpoint-sp-key.pem:
+    file: ./configs-and-secrets/shibboleth/midpoint/sp-key.pem
   m_database_password.txt:
     file: ./configs-and-secrets/midpoint/database_password.txt
     
diff --git a/shibboleth-integration/mp-gr/idp/shibboleth-idp/metadata/midpoint-sp.xml b/shibboleth-integration/mp-gr/idp/shibboleth-idp/metadata/midpoint-sp.xml
index 690b240..7266479 100644
--- a/shibboleth-integration/mp-gr/idp/shibboleth-idp/metadata/midpoint-sp.xml
+++ b/shibboleth-integration/mp-gr/idp/shibboleth-idp/metadata/midpoint-sp.xml
@@ -30,27 +30,29 @@ and do *NOT* provide it in real time to your partners.
     </md:Extensions>
     <md:KeyDescriptor>
       <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
-        <ds:KeyName>sp.example.org</ds:KeyName>
+        <ds:KeyName>midpoint.sp.example.org</ds:KeyName>
         <ds:X509Data>
-          <ds:X509SubjectName>CN=sp.example.org,O=Internet2/TIER,L=Ann Arbor,ST=MI,C=US</ds:X509SubjectName>
-          <ds:X509Certificate>MIIDPDCCAiQCCQDNZe8r0hVtuTANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJV
+          <ds:X509SubjectName>CN=midpoint.sp.example.org,O=Internet2/TIER,L=Ann Arbor,ST=MI,C=US</ds:X509SubjectName>
+          <ds:X509Certificate>MIIDqDCCApCgAwIBAgIJAKUZrfriIt9cMA0GCSqGSIb3DQEBCwUAMGkxCzAJBgNV
+BAYTAlVTMQswCQYDVQQIDAJNSTESMBAGA1UEBwwJQW5uIEFyYm9yMRcwFQYDVQQK
+DA5JbnRlcm5ldDIvVElFUjEgMB4GA1UEAwwXZXZvbHZldW0uc3AuZXhhbXBsZS5v
+cmcwHhcNMTgwOTE0MDU0NjU3WhcNMTkwOTE0MDU0NjU3WjBpMQswCQYDVQQGEwJV
 UzELMAkGA1UECAwCTUkxEjAQBgNVBAcMCUFubiBBcmJvcjEXMBUGA1UECgwOSW50
-ZXJuZXQyL1RJRVIxFzAVBgNVBAMMDnNwLmV4YW1wbGUub3JnMB4XDTE3MDkyMjE5
-NTAzNVoXDTI3MDkyMDE5NTAzNVowYDELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk1J
-MRIwEAYDVQQHDAlBbm4gQXJib3IxFzAVBgNVBAoMDkludGVybmV0Mi9USUVSMRcw
-FQYDVQQDDA5zcC5leGFtcGxlLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
-AQoCggEBAMTNJmsNpTpR4NrDJwOgK/o3UYlNdi1c6xBflt+liLAsQc160QReV4dS
-SGK8LZvN58a/BTIsH8dLhQlUQ8qQUY2AfolVrNxb7Waumeh/POzYUTRylnoGpU3W
-bGMEPxE/AdgP5U/adYvyu4XI5epv7wjZJOTqcVag15SalY+aso+ZC/5l+UzRxmWB
-ZxKTsSL1y7PFehY4/Zl3Y3oGVsVl/zspt5lteoZQeeVxUX29S3Af11yHY4xpEp+7
-rvAzY/nlsTiHAsUoCFK/NFQ2evvSRx52B9Fk1cWP1MDVDm2QjQqD9xBGYSnX6bhQ
-ejVx7JUJHlblu2Q5p5XdW0BihgFluoECAwEAATANBgkqhkiG9w0BAQUFAAOCAQEA
-n/qhYnIviPs4tglCdrw+M7gbqKNWadDC3F9HDYzlJMFeS/ae2turhEUgQPbYPDQQ
-eO3oOILtvCXNFUPM58jf8V5YFRrOqrTgx44kexQDaHO5YYNft5tF5TdvBYE2gOVr
-GdYrH2iSP8WX+Yy7JH5uqkfwWzEntWHJdey39rCWKAUCCB35+/2b4N53Qmlv2+ug
-CpNJYFtXInd4YMmM5HjXLyoWXtjnKiwDqYUCeYPSwAajnCqRqRXUX0gYTFDRiwRP
-HbmO9We0nqoc/71nikmGGoSRMO/zWVMFjwmAx1fGiWdU61sjGX8sHifzmVyJVEBI
-Z75p+JrWYZJYrx/vpWxL8g==
+ZXJuZXQyL1RJRVIxIDAeBgNVBAMMF2V2b2x2ZXVtLnNwLmV4YW1wbGUub3JnMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5v1zxlM94yaBssgNNbIUJwW
+XxbGxgSs2AWBeg2aEi/VQd2UE5ivZakNJlqWSJyHo2xE4kxeSyBBxinjSyhmpNao
+xIcqQsgW0gxo4SEHo3kUXWPo+of/pj6CslutsSJZWGTRV0dHITvaWX+NM8eXMfgu
+mJFwy3RMdLaWQhY1Dyi2jNoO+DZnfNgPyPeEZcmORaoeEID9QdZfHtcgTf2QfSHq
++xsTwHB6Ro5t7YD2ma8Krb/XcDTfsq3qJemd7LhPj5lGmhYSMgDbgwEkZgZ1kBOP
+lfsP2BvX5nipv7Vd1C5YXmv+NDR8V3yAWBC7ZAenxGmrnkaSVXnpUplUsGGm1QID
+AQABo1MwUTAdBgNVHQ4EFgQUuxSZwW6V1P/b0tsTM32OU/v/n+UwHwYDVR0jBBgw
+FoAUuxSZwW6V1P/b0tsTM32OU/v/n+UwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG
+9w0BAQsFAAOCAQEAJWLXEfZkPeUyiGvsIUjczzdF3ptqXoP9aETS2pOV9sTri19R
+TsQZW6XQRHGtuEOsqEGH8yiTdGR5hbGC+ynH/xTJnK+tBn/R3KrgxLKyMvoUzAPl
+mhVq1dh+ZEtbsRpQRRubP6nm9kXNma0cXrkJSzuWM0W+l/xSOOYiSRRk3XWJfVjn
+9jQlcJRh5SOkKN08oZHrCYKxToEuOfV8PtRj3T80DhsBTv2SHqhg4cBhzQPb0Kjm
+9m4IkYOz8c5ZtuHDGnqMHw60Nyt+jyik4mMFP2frcOVP0W0sgwcfHllYzHoA/Khq
+Yk3TBVs1BjPuNDJWHct8Eo68YP2/ZvzqfVM87Q==
 </ds:X509Certificate>
         </ds:X509Data>
       </ds:KeyInfo>