1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
--- 9509a39596283613eba4c9d616f24289068427ec

+++ 8edf7f92330368448d70fc5b21cf0d8d770bcfb7

@@ -1,29 +1,50 @@

-<?xml version="1.0"?>
-<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" entityID="https://makr.conext.surfnetlabs.nl/simplesaml/module.php/saml/sp/metadata.php/default-sp">
-  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
-    <md:KeyDescriptor use="signing">
-      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
-        <ds:X509Data>
-          <ds:X509Certificate>MIIDdzCCAl+gAwIBAgIJANlU50jAk+DcMA0GCSqGSIb3DQEBCwUAMFIxCzAJBgNVBAYTAk5MMRAwDgYDVQQIDAdVdHJlY2h0MRAwDgYDVQQHDAdVdHJlY2h0MRAwDgYDVQQKDAdTVVJGbmV0MQ0wCwYDVQQDDARtYWtyMB4XDTE0MDUxNDExMDc0N1oXDTI0MDUxMzExMDc0N1owUjELMAkGA1UEBhMCTkwxEDAOBgNVBAgMB1V0cmVjaHQxEDAOBgNVBAcMB1V0cmVjaHQxEDAOBgNVBAoMB1NVUkZuZXQxDTALBgNVBAMMBG1ha3IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgR5oF/KddPnRL0v5nUlMWkIGjCK8vrT9bUhupx/ncfdU9Tij7r0TlNzsTe6Cr141+UbRu/ACI1zWpa43GEcgVI8I7YQss/KnYdHLlqWk0pLK0xPrcWVkMXv0Xdt8dBOVMxHZJ7jFnVUfyKhmrv+Qtx0dLnlLiB46jmqjlYW9VRwzFRTMcuwqBFQwb0vIfUb9lGsdgaHBb1KJLgC1oB6vJmr/s14/2kJ++GskQIo7tIGHdnfNSsRuF1192x8DgwdHYOE5pkHCgIj7rMywkcqnTjEVl2PJI8Hkf664l57h96htgYUw/dbReZkhZCcUoX/hTqUS7oj0zC9Gw07fQHORlAgMBAAGjUDBOMB0GA1UdDgQWBBRY+4wftkfxa8G6ofYu6fINu67zSjAfBgNVHSMEGDAWgBRY+4wftkfxa8G6ofYu6fINu67zSjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBmVEj0Sh+DCzO8Pp7AxHwGgBuarvEZOskaCD5+QnghAfPHXOy8/gTON4EZY+fiboxxf7b6y6Iyouz6PBgzn2AkqvGnzX3Hgey7pM1YaQio61XamEyEh9NjI3Y++ZbZo7Uoc9Q+7t9kgGMP2PPhcxmVXheY+Larc6SER0qNzxC+XUhejrKoBHxN1L7BzYdrQ+p4csPWVnDN6K7FKFuyVe9QsbvpNK/ti1ci49JmKLbNv03oyqOQKTJovlohSzSD/D0EpPK77w5nlSWKpem1NBk6Q5T32tw46GgiV6M/qDpQzM6/UxF3dJrHrXHW0hgwLBNMx+wPzwOatKQWfyndavYN</ds:X509Certificate>
-        </ds:X509Data>
-      </ds:KeyInfo>
-    </md:KeyDescriptor>
-    <md:KeyDescriptor use="encryption">
-      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
-        <ds:X509Data>
-          <ds:X509Certificate>MIIDdzCCAl+gAwIBAgIJANlU50jAk+DcMA0GCSqGSIb3DQEBCwUAMFIxCzAJBgNVBAYTAk5MMRAwDgYDVQQIDAdVdHJlY2h0MRAwDgYDVQQHDAdVdHJlY2h0MRAwDgYDVQQKDAdTVVJGbmV0MQ0wCwYDVQQDDARtYWtyMB4XDTE0MDUxNDExMDc0N1oXDTI0MDUxMzExMDc0N1owUjELMAkGA1UEBhMCTkwxEDAOBgNVBAgMB1V0cmVjaHQxEDAOBgNVBAcMB1V0cmVjaHQxEDAOBgNVBAoMB1NVUkZuZXQxDTALBgNVBAMMBG1ha3IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgR5oF/KddPnRL0v5nUlMWkIGjCK8vrT9bUhupx/ncfdU9Tij7r0TlNzsTe6Cr141+UbRu/ACI1zWpa43GEcgVI8I7YQss/KnYdHLlqWk0pLK0xPrcWVkMXv0Xdt8dBOVMxHZJ7jFnVUfyKhmrv+Qtx0dLnlLiB46jmqjlYW9VRwzFRTMcuwqBFQwb0vIfUb9lGsdgaHBb1KJLgC1oB6vJmr/s14/2kJ++GskQIo7tIGHdnfNSsRuF1192x8DgwdHYOE5pkHCgIj7rMywkcqnTjEVl2PJI8Hkf664l57h96htgYUw/dbReZkhZCcUoX/hTqUS7oj0zC9Gw07fQHORlAgMBAAGjUDBOMB0GA1UdDgQWBBRY+4wftkfxa8G6ofYu6fINu67zSjAfBgNVHSMEGDAWgBRY+4wftkfxa8G6ofYu6fINu67zSjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBmVEj0Sh+DCzO8Pp7AxHwGgBuarvEZOskaCD5+QnghAfPHXOy8/gTON4EZY+fiboxxf7b6y6Iyouz6PBgzn2AkqvGnzX3Hgey7pM1YaQio61XamEyEh9NjI3Y++ZbZo7Uoc9Q+7t9kgGMP2PPhcxmVXheY+Larc6SER0qNzxC+XUhejrKoBHxN1L7BzYdrQ+p4csPWVnDN6K7FKFuyVe9QsbvpNK/ti1ci49JmKLbNv03oyqOQKTJovlohSzSD/D0EpPK77w5nlSWKpem1NBk6Q5T32tw46GgiV6M/qDpQzM6/UxF3dJrHrXHW0hgwLBNMx+wPzwOatKQWfyndavYN</ds:X509Certificate>
-        </ds:X509Data>
-      </ds:KeyInfo>
-    </md:KeyDescriptor>
-    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://makr.conext.surfnetlabs.nl/simplesaml/module.php/saml/sp/saml2-logout.php/default-sp"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://makr.conext.surfnetlabs.nl/simplesaml/module.php/saml/sp/saml2-acs.php/default-sp" index="0"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://makr.conext.surfnetlabs.nl/simplesaml/module.php/saml/sp/saml1-acs.php/default-sp" index="1"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://makr.conext.surfnetlabs.nl/simplesaml/module.php/saml/sp/saml2-acs.php/default-sp" index="2"/>
-    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://makr.conext.surfnetlabs.nl/simplesaml/module.php/saml/sp/saml1-acs.php/default-sp/artifact" index="3"/>
-  </md:SPSSODescriptor>
-  <md:ContactPerson contactType="technical">
-    <md:GivenName>Maarten</md:GivenName>
-    <md:EmailAddress>maarten@surfnet.nl</md:EmailAddress>
-  </md:ContactPerson>
+<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
+                     xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
+                     entityID="https://makr.conext.surfnetlabs.nl/simplesaml/module.php/saml/sp/metadata.php/default-sp"
+                     >
+	 <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+	 	 <md:Extensions>
+	 	 	 <mdui:UIInfo xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui">
+	 	 	 	 <mdui:DisplayName xml:lang="en">MaKr Test Service</mdui:DisplayName>
+	 	 	 	 <mdui:Description xml:lang="en">MaKr Test Service</mdui:Description>
+	 	 	 </mdui:UIInfo>
+	 	 </md:Extensions>
+	 	 <md:KeyDescriptor use="signing">
+	 	 	 <ds:KeyInfo>
+	 	 	 	 <ds:X509Data>
+	 	 	 	 	 <ds:X509Certificate>MIIDdzCCAl+gAwIBAgIJANlU50jAk+DcMA0GCSqGSIb3DQEBCwUAMFIxCzAJBgNVBAYTAk5MMRAwDgYDVQQIDAdVdHJlY2h0MRAwDgYDVQQHDAdVdHJlY2h0MRAwDgYDVQQKDAdTVVJGbmV0MQ0wCwYDVQQDDARtYWtyMB4XDTE0MDUxNDExMDc0N1oXDTI0MDUxMzExMDc0N1owUjELMAkGA1UEBhMCTkwxEDAOBgNVBAgMB1V0cmVjaHQxEDAOBgNVBAcMB1V0cmVjaHQxEDAOBgNVBAoMB1NVUkZuZXQxDTALBgNVBAMMBG1ha3IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgR5oF/KddPnRL0v5nUlMWkIGjCK8vrT9bUhupx/ncfdU9Tij7r0TlNzsTe6Cr141+UbRu/ACI1zWpa43GEcgVI8I7YQss/KnYdHLlqWk0pLK0xPrcWVkMXv0Xdt8dBOVMxHZJ7jFnVUfyKhmrv+Qtx0dLnlLiB46jmqjlYW9VRwzFRTMcuwqBFQwb0vIfUb9lGsdgaHBb1KJLgC1oB6vJmr/s14/2kJ++GskQIo7tIGHdnfNSsRuF1192x8DgwdHYOE5pkHCgIj7rMywkcqnTjEVl2PJI8Hkf664l57h96htgYUw/dbReZkhZCcUoX/hTqUS7oj0zC9Gw07fQHORlAgMBAAGjUDBOMB0GA1UdDgQWBBRY+4wftkfxa8G6ofYu6fINu67zSjAfBgNVHSMEGDAWgBRY+4wftkfxa8G6ofYu6fINu67zSjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBmVEj0Sh+DCzO8Pp7AxHwGgBuarvEZOskaCD5+QnghAfPHXOy8/gTON4EZY+fiboxxf7b6y6Iyouz6PBgzn2AkqvGnzX3Hgey7pM1YaQio61XamEyEh9NjI3Y++ZbZo7Uoc9Q+7t9kgGMP2PPhcxmVXheY+Larc6SER0qNzxC+XUhejrKoBHxN1L7BzYdrQ+p4csPWVnDN6K7FKFuyVe9QsbvpNK/ti1ci49JmKLbNv03oyqOQKTJovlohSzSD/D0EpPK77w5nlSWKpem1NBk6Q5T32tw46GgiV6M/qDpQzM6/UxF3dJrHrXHW0hgwLBNMx+wPzwOatKQWfyndavYN</ds:X509Certificate>
+	 	 	 	 </ds:X509Data>
+	 	 	 </ds:KeyInfo>
+	 	 </md:KeyDescriptor>
+	 	 <md:KeyDescriptor use="encryption">
+	 	 	 <ds:KeyInfo>
+	 	 	 	 <ds:X509Data>
+	 	 	 	 	 <ds:X509Certificate>MIIDdzCCAl+gAwIBAgIJANlU50jAk+DcMA0GCSqGSIb3DQEBCwUAMFIxCzAJBgNVBAYTAk5MMRAwDgYDVQQIDAdVdHJlY2h0MRAwDgYDVQQHDAdVdHJlY2h0MRAwDgYDVQQKDAdTVVJGbmV0MQ0wCwYDVQQDDARtYWtyMB4XDTE0MDUxNDExMDc0N1oXDTI0MDUxMzExMDc0N1owUjELMAkGA1UEBhMCTkwxEDAOBgNVBAgMB1V0cmVjaHQxEDAOBgNVBAcMB1V0cmVjaHQxEDAOBgNVBAoMB1NVUkZuZXQxDTALBgNVBAMMBG1ha3IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDgR5oF/KddPnRL0v5nUlMWkIGjCK8vrT9bUhupx/ncfdU9Tij7r0TlNzsTe6Cr141+UbRu/ACI1zWpa43GEcgVI8I7YQss/KnYdHLlqWk0pLK0xPrcWVkMXv0Xdt8dBOVMxHZJ7jFnVUfyKhmrv+Qtx0dLnlLiB46jmqjlYW9VRwzFRTMcuwqBFQwb0vIfUb9lGsdgaHBb1KJLgC1oB6vJmr/s14/2kJ++GskQIo7tIGHdnfNSsRuF1192x8DgwdHYOE5pkHCgIj7rMywkcqnTjEVl2PJI8Hkf664l57h96htgYUw/dbReZkhZCcUoX/hTqUS7oj0zC9Gw07fQHORlAgMBAAGjUDBOMB0GA1UdDgQWBBRY+4wftkfxa8G6ofYu6fINu67zSjAfBgNVHSMEGDAWgBRY+4wftkfxa8G6ofYu6fINu67zSjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBmVEj0Sh+DCzO8Pp7AxHwGgBuarvEZOskaCD5+QnghAfPHXOy8/gTON4EZY+fiboxxf7b6y6Iyouz6PBgzn2AkqvGnzX3Hgey7pM1YaQio61XamEyEh9NjI3Y++ZbZo7Uoc9Q+7t9kgGMP2PPhcxmVXheY+Larc6SER0qNzxC+XUhejrKoBHxN1L7BzYdrQ+p4csPWVnDN6K7FKFuyVe9QsbvpNK/ti1ci49JmKLbNv03oyqOQKTJovlohSzSD/D0EpPK77w5nlSWKpem1NBk6Q5T32tw46GgiV6M/qDpQzM6/UxF3dJrHrXHW0hgwLBNMx+wPzwOatKQWfyndavYN</ds:X509Certificate>
+	 	 	 	 </ds:X509Data>
+	 	 	 </ds:KeyInfo>
+	 	 </md:KeyDescriptor>
+	 	 <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+	 	                         Location="https://makr.conext.surfnetlabs.nl/simplesaml/module.php/saml/sp/saml2-logout.php/default-sp"
+	 	                         />
+	 	 <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+	 	                              Location="https://makr.conext.surfnetlabs.nl/simplesaml/module.php/saml/sp/saml2-acs.php/default-sp"
+	 	                              index="0"
+	 	                              />
+	 	 <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post"
+	 	                              Location="https://makr.conext.surfnetlabs.nl/simplesaml/module.php/saml/sp/saml1-acs.php/default-sp"
+	 	                              index="1"
+	 	                              />
+	 	 <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
+	 	                              Location="https://makr.conext.surfnetlabs.nl/simplesaml/module.php/saml/sp/saml2-acs.php/default-sp"
+	 	                              index="2"
+	 	                              />
+	 	 <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01"
+	 	                              Location="https://makr.conext.surfnetlabs.nl/simplesaml/module.php/saml/sp/saml1-acs.php/default-sp/artifact"
+	 	                              index="3"
+	 	                              />
+	 </md:SPSSODescriptor>
+	 <md:ContactPerson contactType="technical">
+	 	 <md:GivenName>Maarten</md:GivenName>
+	 	 <md:EmailAddress>maarten@surfnet.nl</md:EmailAddress>
+	 </md:ContactPerson>
 </md:EntityDescriptor>
-