...
Obtain the InCommon Metadata Query Protocol signing certificate. Though the this service is currently beta, the data is production.
Code Block curl -OL https://ds.incommon.org/certs/mdq-beta-cert.pem
- Verify the certificate's signing key fingerprint with information on this page
https://ops.incommon.org/mdq_beta_cert.html
Code Block /usr/bin/openssl x509 -sha256 -noout -fingerprint -in mdq-beta-cert.pem
Fetch our IdP metadata.
Code Block curl --silent --output ucdavis-metadata.xml \ http://mdq-beta.incommon.org/global/entities/urn%3Amace%3Aincommon%3Aucdavis.edu
Validate the XML signature.
Code Block xmlsectool --verifySignature --inFile ucdavis-metadata.xml --certificate mdq-beta-cert.pem