Setting up your production system
- Your production service provider should be set up just like your test service provider. Make sure you have a suitable DNS name (e.g. https://dienst.uni-konstanz.de)
- Request a server certificate for this DNS name. Please make sure you select the "Shibboleth IdP SP" profile on the form
- Create a suitable, unique provider ID for your production service provider (e.g. https://dienst-test.uni-konstanz.de/shibboleth-sp)
- Fill out the application form to have your production service provider integrated into either the university's or the DFN-AAI's production federation. The Shibboleth team will contact you and work with you on the next steps
Using your production system
- Adapt the configuration files from your test service provider to fit your production system
- Use the metadata for the production DFN-AAI federation where the metadata for all IDPs are stored:
- Use the DFN-AAI certificate in PEM format to verify the signature of DFN-AAI metadata:
- Adapt the configuration file used in your test system for the Apache web server to fit your production system
- Test access to the protected websites or web applications
- Test whether the respective websites or web applications process the authorization data