Update SAML metadata that include multiple SAML entities
- Former user (Deleted)
When trying to update SAML metadata that include multiple entities, described in the metadata.xml as <EntitiesDescriptor> you might observe the following error in SSO Management UI.
The reason is that Ubisecure SSO is unable to read multiple entities and some changes are needed to the metadata.xml in order to be able to update it to the SSO Management UI. Below we have described the lines needed to be altered to have valid metadata that Ubisecure SSO can read.
In this example we are using Suomi.fi updated SAML metadata to take into use uusi.tunnistus.fi/idp1 entityID. After these modifications you should be able to update the modified metadata.xml to SSO Management UI and start using the new keys and endpoints published by Suomi.fi.
Example of updated SAML idp-metadata.xml, below is explained in more details which parts have been changed:
text in red - updates needed to metadata
strike through - lines to remove from metadata
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui"
entityID="https://uusi.tunnistus.fi/idp1" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="_58b314" Name="Suomi.fi-tunnistus palvelun ympäristöt">
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<ds:Reference URI="">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>HMby+xyC7RC5lvg3sz7gwTmnB2eqsxU5TH6xkRE6Ik8=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue> VDqebgmS8daJ0bvtN4d0mI6wUOfVRNu/jxshhMbkhcIN+696He6KRkOTmL7pORGZJ8xxUMLuUcWF kMTgAnvdLPv/szXXp6KHV9+aVgzaO8+2lMQNfEHynSqdXNcBj49VxPrA83F0ObEyaw/d4hlYJY1y AcuvOweA00dLPpwIUrGcAWcx6pL+GD/vTEFD9QbcYd8JXX0IGBIkaY3IUUoZRiJapF48HjIs92FW xw1+do55aDqZBYtljbHFCZxAqT+tm4I3Ql20iLafXttJ3CWFLWhRXHVQI2z+MTV3DP/SvgZKpU8I cLVWOeTL2KWqU6sdrOCtPgHjMvfrhQ8tkI0PJg== </ds:SignatureValue>
<ds:KeyInfo>
<ds:KeyValue>
<ds:RSAKeyValue>
<ds:Modulus> 1gbNsNL6gUqTFPPaoOvGLNq5UlbpbPHYFtPN0rAyfJgZ7vNpmAnd6f0f6DqwaDUra4saGyww4ZuS AjxWZcrRHEvDwNDsavquUbfwE2DufwKC+iCh5vJX95ooNylA6J9Jt0DePzpdxStecRpuN+Yscr1T 6U7jfsCRCgJLoFGZh98lXa6AuwxPRmcREJBmfAc8MemFe1whI+T/5Al1++9XtMcT09YBzJi9lPcE tpCiv5cCMimUHHZ5vOLEtaBR2FA5bqT2Oxwr0ugktt0VUn+yCulfhTUFf6SORRupQxRyDZOV2OeP JQJxKi/th20rJLJXhcWzauyirf1T5J4AscLGXQ== </ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</ds:KeyValue>
<ds:X509Data>
<ds:X509Certificate> MIIGhTCCBG2gAwIBAgISBwAAAXb64N5W6JBNCmQhtbOYMA0GCSqGSIb3DQEBCwUA MHgxCzAJBgNVBAYTAkZJMSEwHwYDVQQKExhWYWVzdG9yZWtpc3RlcmlrZXNrdXMg Q0ExGjAYBgNVBAsTEVBhbHZlbHV2YXJtZW50ZWV0MSowKAYDVQQDEyFWUksgQ0Eg Zm9yIFNlcnZpY2UgUHJvdmlkZXJzIC0gRzMwHhcNMjEwMTEzMDkwMDAwWhcNMjMw MTEzMjE1OTU5WjCBmjELMAkGA1UEBhMCRkkxEDAOBgNVBAgMB0ZJTkxBTkQxETAP BgNVBAcMCEhlbHNpbmtpMSQwIgYDVQQKDBtEaWdpLSBqYSB2YWVzdG90aWV0b3Zp cmFzdG8xEjAQBgNVBAUTCTAyNDU0MzctMjEsMCoGA1UEAwwjbWV0YWRhdGEtc2ln bmluZy50dW5uaXN0dXMuc3VvbWkuZmkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw ggEKAoIBAQDWBs2w0vqBSpMU89qg68Ys2rlSVuls8dgW083SsDJ8mBnu82mYCd3p /R/oOrBoNStrixobLDDhm5ICPFZlytEcS8PA0Oxq+q5Rt/ATYO5/AoL6IKHm8lf3 mig3KUDon0m3QN4/Ol3FK15xGm435ixyvVPpTuN+wJEKAkugUZmH3yVdroC7DE9G ZxEQkGZ8Bzwx6YV7XCEj5P/kCXX771e0xxPT1gHMmL2U9wS2kKK/lwIyKZQcdnm8 4sS1oFHYUDlupPY7HCvS6CS23RVSf7IK6V+FNQV/pI5FG6lDFHINk5XY548lAnEq L+2HbSsksleFxbNq7KKt/VPkngCxwsZdAgMBAAGjggHkMIIB4DAfBgNVHSMEGDAW gBRlBOgtkufLKqtXFahlKqr6txZ09jAdBgNVHQ4EFgQUzLJUEN5aPKLbWZVj8pvH 7GmMw4AwDgYDVR0PAQH/BAQDAgbAMIHXBgNVHSAEgc8wgcwwCAYGBACPegEHMIG/ BgkqgXaEBQEKIgEwgbEwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZmluZWlkLmZp L2NwczMzLzCBhQYIKwYBBQUHAgIweRp3VmFybWVubmVwb2xpdGlpa2thIG9uIHNh YXRhdmlsbGEgLSBDZXJ0aWZpa2F0IHBvbGljeSBmaW5ucyAtIENlcnRpZmljYXRl IHBvbGljeSBpcyBhdmFpbGFibGUgaHR0cDovL3d3dy5maW5laWQuZmkvY3BzMzMw DwYDVR0TAQH/BAUwAwEBADA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vcHJveHku ZmluZWlkLmZpL2NybC92cmtzcDNjLmNybDBqBggrBgEFBQcBAQReMFwwMAYIKwYB BQUHMAKGJGh0dHA6Ly9wcm94eS5maW5laWQuZmkvY2EvdnJrc3AzLmNydDAoBggr BgEFBQcwAYYcaHR0cDovL29jc3AuZmluZWlkLmZpL3Zya3NwMzANBgkqhkiG9w0B AQsFAAOCAgEAS8FOx5HnWpxusEsXBs2CphhDVurzjKlk+kEOtnL9T3EQt7h9B98Z Q2SWl6q3G/2i2gZmbglzQW8ASMqrgybIU8zrDBrlWPoWrc+9AapW6EoyuRsyH2Ib 3urP9kQfqL/h2/F09RPEqh3//TSvNYIy1es7KrHHIxvZm5X1Kl+2ubHyeAxdZcWO ktM7piGoucQwP0KdCybQ+3sGIW4m4FYELdE+Hu5fHuhf7FQBh1eMFhiGT2J61W4t 5DnrMg0m8G+7K9zEbq67OgeaQkP9KUrylWWkFfWFoAID6vDfp8M4Z9SWGwFkyF0t SLCluQRGTHE7IyrJbhVwacikiCaLpzTo7ESl8mvJ6rCUTShwoJHP5gkpznZLXybT Ny7fnLWNlNvsPYQrubMSY5KOvkaNLid/Mo/EZfju1akzO9AvAwPbIXNR0gzSZeLX mlPk6e0s/o1XpN4sIWO+0gbVrM4xmy+IeBxqi+I/h7evdHwa3rqWez1gs+CoYqMn 8Rqn7Q/Iz+psIICgSB/rwKVcmmcldzpzh6/H8gKWE0902uw0Ju3UrR3O54Cxfzlp SBCkCBtNpsgBzEsY5tFUehWv0Lb/IDo0jpiVi0NEIr7RUaED1eoAfKosP9Gx08l7 hu0wEmoannsf9kZ3CZd8c6XHWsrvKGsNY9lG9SPH+FcHLcRHx4vSbnk= </ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature><EntityDescriptor entityID="https://uusi.tunnistus.fi/idp1">
<IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<Extensions>
<mdui:UIInfo>
<mdui:DisplayName xml:lang="fi">Suomi.fi-tunnistus</mdui:DisplayName>
<mdui:DisplayName xml:lang="en">Suomi.fi-identification</mdui:DisplayName>
<mdui:DisplayName xml:lang="sv">Suomi.fi-identifikation</mdui:DisplayName>
<mdui:Description xml:lang="fi">Suomi.fi-tunnistus</mdui:Description>
<mdui:Description xml:lang="en">Suomi.fi-identification</mdui:Description>
<mdui:Description xml:lang="sv">Suomi.fi-identifikation</mdui:Description>
<mdui:Logo height="70" width="752">https://tunnistaminen.suomi.fi/resources/img/logo_fi.svg</mdui:Logo>
</mdui:UIInfo>
</Extensions>
<KeyDescriptor use="signing">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate> MIIG/DCCBOSgAwIBAgISBwAAAXVFzV4S7D1jRKP8ubm/MA0GCSqGSIb3DQEBCwUA MHgxCzAJBgNVBAYTAkZJMSEwHwYDVQQKExhWYWVzdG9yZWtpc3RlcmlrZXNrdXMg Q0ExGjAYBgNVBAsTEVBhbHZlbHV2YXJtZW50ZWV0MSowKAYDVQQDEyFWUksgQ0Eg Zm9yIFNlcnZpY2UgUHJvdmlkZXJzIC0gRzMwHhcNMjAxMDIyMjEwMDAwWhcNMjIx MDIyMjA1OTU5WjCBkTELMAkGA1UEBhMCRkkxEDAOBgNVBAgMB0ZJTkxBTkQxETAP BgNVBAcMCEhlbHNpbmtpMSQwIgYDVQQKDBtEaWdpLSBqYSB2YWVzdG90aWV0b3Zp cmFzdG8xEjAQBgNVBAUTCTAyNDU0MzctMjEjMCEGA1UEAwwaaWRwLnR1bm5pc3Rh bWluZW4uc3VvbWkuZmkwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQCv lFwmW2Q73bIsbPvrzxF9n3MK8/2dQge89c63S/dANmz/Yj0RAZyzrkd7EWe1mzRQ SrSXesS3gl4gNgJzZDcpiywi0FGggDViLlZGvNIDWqh6SYcO5nH7UT9ouKtiVFHe Eo59aMQ9rUaerCoNEpeeYxbsU83dAQkF1OH0W8V/94IUYac9mLDPD5FOUcAY0Kxy HeuppNuFCEGSYIsKqd0wU4CNE+wuPRCDTuGv+I8nIHwC75aaDFpacgGt0OXm7D3N 0BaBnyke0nrYMbqY+e1VpiOeADHrKokKWfOXkL6Y6eNYMx2MwuFTPOnMxSN50cQO DOIrvXuVuH9+lrYYOvFtyiH6wF6NkmYjUh2yNkwMtv20SGMy3CG2nfm6DlKFwDXQ zB5nUOe5YfTWFoQWR5NrwVEVCpTN+PVTzBNp8Ul+880+RP+aooWkv9+dt1ViwkEf KRvyAGSWPI8uX8z4+76PmHi0ZLSwrHNNGdB63xJ+wzxdmXg9BD4qHZ65j9ANBT8C AwEAAaOCAeQwggHgMB8GA1UdIwQYMBaAFGUE6C2S58sqq1cVqGUqqvq3FnT2MB0G A1UdDgQWBBTRhXY0Ah5dkNaYdSoWOKWHCS9yLjAOBgNVHQ8BAf8EBAMCBsAwgdcG A1UdIASBzzCBzDAIBgYEAI96AQcwgb8GCSqBdoQFAQoiATCBsTAnBggrBgEFBQcC ARYbaHR0cDovL3d3dy5maW5laWQuZmkvY3BzMzMvMIGFBggrBgEFBQcCAjB5GndW YXJtZW5uZXBvbGl0aWlra2Egb24gc2FhdGF2aWxsYSAtIENlcnRpZmlrYXQgcG9s aWN5IGZpbm5zIC0gQ2VydGlmaWNhdGUgcG9saWN5IGlzIGF2YWlsYWJsZSBodHRw Oi8vd3d3LmZpbmVpZC5maS9jcHMzMzAPBgNVHRMBAf8EBTADAQEAMDcGA1UdHwQw MC4wLKAqoCiGJmh0dHA6Ly9wcm94eS5maW5laWQuZmkvY3JsL3Zya3NwM2MuY3Js MGoGCCsGAQUFBwEBBF4wXDAwBggrBgEFBQcwAoYkaHR0cDovL3Byb3h5LmZpbmVp ZC5maS9jYS92cmtzcDMuY3J0MCgGCCsGAQUFBzABhhxodHRwOi8vb2NzcC5maW5l aWQuZmkvdnJrc3AzMA0GCSqGSIb3DQEBCwUAA4ICAQCvPOrBbewVj0k53+SbH1WD Jj8dRxuobURxZX5Gt/nKNVbkpd6mEBwgkzGVm54p709SN33iIqIu0RaZsCTBcv2x AzFFbQgG2FsiieswuDaGjlc2sFQ/G/1gerM1uazMGEbVRSMNc9sBTdnv4WSAr8X+ mgfCIqCr1tTZDduSNZZlloXjZP0sAQ4guLCe5nKuKsdWbikkwNAuA/X/UvnjRHNS df451po9xP0Dvk0y2QqOnp37vVo60fEdX88ht9BO8PkOS/v6mJ7kQh9iT92mpM3Z +q+HAwHd9ZxwGyrnr8H6QXhmA78pGvnUTCmPNHj/V/SZFZtd7Pr0rJPrAjvPP613 3dbubOY1hSH24Pke+8pRfiuVXbJebNdy9oAis70tUNYXY09ALLonukp/wS2/nN9J MwLPAvkFYTJ0wNdeIMTQPTjOysyjZ0M5+TzIzdDfEuNTv0nSxmIfoYl2sjSw+EI1 WbAozqPqiLMkdviyKDjt0Zqh+8pld4qv4Cg/pKOGWEU29nRZJR3gL3o8xzZF4DvP 3TjDMicMwMUZj6q7v2ulRTlW/4qtT/4jD0NknrOnFtFXBZYCThZh6UjnQJoXq6gN aM+H2TPeXJ8oXOAxGoRah+9j6I1rz5gZytYgWBxZIrokpRf3xOXHK1VSw3oU3ScL Ox442mPwg9Jex1Fu5RbArA== </ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<KeyDescriptor use="signing">
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate> MIIG7DCCBNSgAwIBAgIEDB9zGzANBgkqhkiG9w0BAQsFADB4MQswCQYDVQQGEwJG STEhMB8GA1UEChMYVmFlc3RvcmVraXN0ZXJpa2Vza3VzIENBMRowGAYDVQQLExFQ YWx2ZWx1dmFybWVudGVldDEqMCgGA1UEAxMhVlJLIENBIGZvciBTZXJ2aWNlIFBy b3ZpZGVycyAtIEczMB4XDTE5MDIwNzIyMDAwMFoXDTIxMDIwNzIxNTk1OVowgY8x CzAJBgNVBAYTAkZJMRAwDgYDVQQIEwdGaW5sYW5kMREwDwYDVQQHEwhIZWxzaW5r aTEeMBwGA1UEChMVVmFlc3RvcmVraXN0ZXJpa2Vza3VzMRowGAYDVQQLExFQYWx2 ZWx1dmFybWVudGVldDEfMB0GA1UEAxMWaWRwLnR1bm5pc3R1cy5zdW9taS5maTCC AaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBAK9ooJFj6AL/c5YK9CCY4NE4 t9z8FtP7YlDuR8/2ti+BWTrBFhzW1sBg/zRcG3vHUwzmTiuh+T0Qsu0NjkI+jZ0P UGKoyvhrDnBOvKK6/GyHcWN3plJ3tfa30TUoWNTRsQBMA6t1hght8hlxOeS0zpxB mvDrShBIpnzIoLGmI3uIT9GkeJG6/TmNUOFFHb+/yU/NgC4Vq8orBeq1rRTRLs3v OW20KLC57xIWG/GbgthMCInAMACKHLAD6MmOdKAeQis/6MMiWT9i29NncajVYkU4 Bngoc/wnYvcifnJvR9BeZyD872aDDPVVIMUnRpNlIJcxWUX4lHQH6vGafHHkyeq9 DrWK4I8051o8J6A5hbwKeeJbZRofpl5Mn3CRjvQ3cWyYARtb9vJTLIzhv65G6dIr QwVRiaNKFqe5EVE/7GlFYcrW/kp/48C5OzHLpOsdoazdkMJBz7QQkLlZm9RvaLdS agWjWXv2xFpvLyLq0LqsSKys0Pg67ZwPFWrxQmNsGQIDAQABo4IB5DCCAeAwHwYD VR0jBBgwFoAUZQToLZLnyyqrVxWoZSqq+rcWdPYwHQYDVR0OBBYEFHRj6VoLoeAQ gJxAIpbUnr4lTGc9MA4GA1UdDwEB/wQEAwIGwDCB1wYDVR0gBIHPMIHMMAgGBgQA j3oBBzCBvwYJKoF2hAUBCiIBMIGxMCcGCCsGAQUFBwIBFhtodHRwOi8vd3d3LmZp bmVpZC5maS9jcHMzMy8wgYUGCCsGAQUFBwICMHkad1Zhcm1lbm5lcG9saXRpaWtr YSBvbiBzYWF0YXZpbGxhIC0gQ2VydGlmaWthdCBwb2xpY3kgZmlubnMgLSBDZXJ0 aWZpY2F0ZSBwb2xpY3kgaXMgYXZhaWxhYmxlIGh0dHA6Ly93d3cuZmluZWlkLmZp L2NwczMzMA8GA1UdEwEB/wQFMAMBAQAwNwYDVR0fBDAwLjAsoCqgKIYmaHR0cDov L3Byb3h5LmZpbmVpZC5maS9jcmwvdnJrc3AzYy5jcmwwagYIKwYBBQUHAQEEXjBc MDAGCCsGAQUFBzAChiRodHRwOi8vcHJveHkuZmluZWlkLmZpL2NhL3Zya3NwMy5j cnQwKAYIKwYBBQUHMAGGHGh0dHA6Ly9vY3NwLmZpbmVpZC5maS92cmtzcDMwDQYJ KoZIhvcNAQELBQADggIBAE2Fl/XPrY09yt3YEKJibai5BMoObu6PC8i8AY6Gzq8W tt97T6hfA0PYCstxHei1iZwJi8b9T7zK2TlNVMwzPfs7O12GN067kz2Jg13rbI09 dNO5IEQDj8eXvT2R8+eFmj6CKNQEtCN6v4oS4/69RZFpQulZR4CvccDQCaGKM2Fb TKcyfw/x1G4j6tcalq+2DInIyMMjbe8xqHQZgtThZ0MGxdQLkc49Ah70x4kQefvT d/BBRAHmdOjcqspgQXR5rZUUm+ay1ae8h7sRrvt01xd90zJNQ+uyNNNkTM6A5nsZ Bae5A69F4nQYTUHTOLpscJ26ny/3VXjwF1bVBQjRmeExrYwK3sANpEvNAY1ZyIcz M1ZNp1SiRZ14SZaVqGfhpTxJfxIxXC++wXOLwqSZdQdMvlslbfEXo7TdfSNzen11 E4DbPr818iM4Zpyj+pfxp51G6SrfPJwguHXdjaEK8SW1+GyM7eAOAmU5QxwCttTR MrB7fNk7k3Nnc29i3VI9GhDCRhhU81HeMQh6wezqKlNVxWgYmu8/gv6NlvI9wr2B toYKuWosrJF2JrSNIOajv8ovYdNEoxEyFcmukbkBFZvc3+6INU3NGU/zAsf8A0CH Sc3e44Z6IPIwZQLUIK8r2wV26YcEDEvNtrzvpqS1XoabwIsiPf97Zp6Y7tBnAaoX </ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://tunnistaminen.suomi.fi/idp/profile/SAML2/POST/SLO"/>
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://tunnistaminen.suomi.fi/idp/profile/SAML2/Redirect/SLO"/>
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://tunnistaminen.suomi.fi/idp/profile/SAML2/POST/SSO"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://tunnistaminen.suomi.fi/idp/profile/SAML2/Redirect/SSO"/>
</IDPSSODescriptor>
<Organization>
<OrganizationName xml:lang="fi">Digi- ja väestötietovirasto</OrganizationName>
<OrganizationName xml:lang="en">Digital and Population Data Services Agency</OrganizationName>
<OrganizationName xml:lang="sv">Myndigheten för digitalisering och befolkningsdata</OrganizationName>
<OrganizationDisplayName xml:lang="fi">Digi- ja väestötietovirasto</OrganizationDisplayName>
<OrganizationDisplayName xml:lang="en">Digital and Population Data Services Agency</OrganizationDisplayName>
<OrganizationDisplayName xml:lang="sv">Myndigheten för digitalisering och befolkningsdata</OrganizationDisplayName>
<OrganizationURL xml:lang="fi">https://dvv.fi/etusivu</OrganizationURL>
<OrganizationURL xml:lang="en">https://dvv.fi/en/</OrganizationURL>
<OrganizationURL xml:lang="sv">https://dvv.fi/sv/</OrganizationURL>
</Organization>
<ContactPerson contactType="technical">
<GivenName>Suomi.fi-tunnistus</GivenName>
<SurName>Kayttoonotot</SurName>
<EmailAddress>mailto:tunnistus-kayttoonotot@dvv.fi</EmailAddress>
</ContactPerson>
<ContactPerson contactType="administrative">
<GivenName>Suomi.fi</GivenName>
<SurName>Palvelupiste</SurName>
<EmailAddress>mailto:suomi.fi-palvelupiste@dvv.fi</EmailAddress>
</ContactPerson>
</EntityDescriptor><EntityDescriptor entityID="https://tunnistautuminen.suomi.fi/idp1"><IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"><Extensions><mdui:UIInfo><mdui:DisplayName xml:lang="fi">Suomi.fi-tunnistus</mdui:DisplayName><mdui:DisplayName xml:lang="en">Suomi.fi-identification</mdui:DisplayName><mdui:DisplayName xml:lang="sv">Suomi.fi-identifikation</mdui:DisplayName><mdui:Description xml:lang="fi">Suomi.fi-tunnistus</mdui:Description><mdui:Description xml:lang="en">Suomi.fi-identification</mdui:Description><mdui:Description xml:lang="sv">Suomi.fi-identifikation</mdui:Description><mdui:Logo height="70" width="752">https://tunnistautuminen.suomi.fi/resources/img/logo_fi.svg</mdui:Logo></mdui:UIInfo></Extensions><KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data><ds:X509Certificate> MIIHDDCCBPSgAwIBAgISBwAAAXWYOQnIymkhNi5HHVGvMA0GCSqGSIb3DQEBCwUA MHgxCzAJBgNVBAYTAkZJMSEwHwYDVQQKExhWYWVzdG9yZWtpc3RlcmlrZXNrdXMg Q0ExGjAYBgNVBAsTEVBhbHZlbHV2YXJtZW50ZWV0MSowKAYDVQQDEyFWUksgQ0Eg Zm9yIFNlcnZpY2UgUHJvdmlkZXJzIC0gRzMwHhcNMjAxMTA1MTIwMDAwWhcNMjIx MTA1MjE1OTU5WjCBoTELMAkGA1UEBhMCRkkxEDAOBgNVBAgMB0ZJTkxBTkQxETAP BgNVBAcMCEhlbHNpbmtpMSQwIgYDVQQKDBtEaWdpLSBqYSB2YWVzdG90aWV0b3Zp cmFzdG8xEjAQBgNVBAUTCTAyNDU0MzctMjEzMDEGA1UEAwwqc2FtbC1zaWduaW5n LmlkcC50dW5uaXN0YXV0dW1pbmVuLnN1b21pLmZpMIIBojANBgkqhkiG9w0BAQEF AAOCAY8AMIIBigKCAYEAyVECu95O/7TiUG3xitMLIq8/JJ5hUpxis64yRhGJtXip 3VYiJ30AADZsAuU2WBc3jv8Dlsg3y+8/uVbhpclCHVi9vEedQwwsl0pfnNtGQy24 ikpCioKsu1LWoSocqr5IGJGEzFtFRygRTA4MuI3OFcZw+71nfWVP3g4nvnLkMw0h DHW+t6vY3lp1yYMlsTKnCKVB8TMICRq3F/IGHxyNNeLBjeWNLDV7P2VJ36oaw9ys RPYV0hi/At0vn4kPRMk+9qupfzGb2HD7mTGYtTN9wZa3881pIXjwJFFYEvcNcaCK 7qZYfUDyVMhdGhbcznYe8Lf6eNC9C8kLTsIuUYU3nvADKXhuTjrgdiCW3wiX0WWn sG+v+xpXjSe/yXGP7+dBhJoGdR5D2XX1etJvsJ0kvGiEqRh0A43xyB0YPEtFVTK0 SiW7X4i6u5kVj2Ask/N913M0WJbmrjRVa72kZFakAi8vJ97TMEMpjPZnK1eM5hXJ e6O9vUZTmdjOv2WZ7bjjAgMBAAGjggHkMIIB4DAfBgNVHSMEGDAWgBRlBOgtkufL KqtXFahlKqr6txZ09jAdBgNVHQ4EFgQUrWHpd43mS357O5+3S130+2soTdIwDgYD VR0PAQH/BAQDAgbAMIHXBgNVHSAEgc8wgcwwCAYGBACPegEHMIG/BgkqgXaEBQEK IgEwgbEwJwYIKwYBBQUHAgEWG2h0dHA6Ly93d3cuZmluZWlkLmZpL2NwczMzLzCB hQYIKwYBBQUHAgIweRp3VmFybWVubmVwb2xpdGlpa2thIG9uIHNhYXRhdmlsbGEg LSBDZXJ0aWZpa2F0IHBvbGljeSBmaW5ucyAtIENlcnRpZmljYXRlIHBvbGljeSBp cyBhdmFpbGFibGUgaHR0cDovL3d3dy5maW5laWQuZmkvY3BzMzMwDwYDVR0TAQH/ BAUwAwEBADA3BgNVHR8EMDAuMCygKqAohiZodHRwOi8vcHJveHkuZmluZWlkLmZp L2NybC92cmtzcDNjLmNybDBqBggrBgEFBQcBAQReMFwwMAYIKwYBBQUHMAKGJGh0 dHA6Ly9wcm94eS5maW5laWQuZmkvY2EvdnJrc3AzLmNydDAoBggrBgEFBQcwAYYc aHR0cDovL29jc3AuZmluZWlkLmZpL3Zya3NwMzANBgkqhkiG9w0BAQsFAAOCAgEA g/mPpksTTULqJijY4QGnPy+GmOQs2sWQIM4lRX2cmzYTZifktvnjdKrjxEu4ppVw Punhc4lMCgj1fqS5vSa5fPf7PKaAE7Znr9FepMvhKuUUCW2ftpbQ5ce0qRep4pB7 FRgW7O2rGdpx2zQjLHWo6r/8i8nhgLW61SIC3ebscRm9TLOf/i0jfXMJaNphKrZf pXCaXMTKF/DCtyavzCW+HuDI/L+tA/uoKCgY5W95EMrAQPC8cxdCDUUDTyIx0W2L 9C9dMB9Z/8Y75tpLSx7e6DG1Acd9za1Uw1lVOzzGUDisIQWwhPrMepPEGEbBjJCX M6lxovJHyWzcvuub34KScp8jmq/O33mOuNOSSWkwxtd2dnKFhahH/Gsx/2YbMcSK vEb3dGt7oxgFYnT93g9aGaQJEJxeWyQm3tHY3gRWb8XjQjZNJJVP7aOz/Uxarl/P hgtTQyjTw2q0KxEnMO5yS4apau8remEjJHJt9pIA4tpnsSeQzkt3XNbiieKYg9yM PQ4V4N9a5FP/loja6d2YNEgM9fvvxZiArZ5JGEPdlmy9oe9T5FboTV3GE9fxcTmW zrivoa2nMf7Hz5jOaYuxIH3ttDfMEk5+skxtwwkeuZ+cnkMXbhAWU/3JQga0piui fXAieg1MJEbkcbMbV6om6EhHv15ZBfdO4b4fo+eFK4M= </ds:X509Certificate></ds:X509Data></ds:KeyInfo></KeyDescriptor><SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://tunnistautuminen.suomi.fi/idp/profile/SAML2/POST/SLO"/><SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://tunnistautuminen.suomi.fi/idp/profile/SAML2/Redirect/SLO"/><NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat><SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://tunnistautuminen.suomi.fi/idp/profile/SAML2/POST/SSO"/><SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://tunnistautuminen.suomi.fi/idp/profile/SAML2/Redirect/SSO"/></IDPSSODescriptor><Organization><OrganizationName xml:lang="fi">Digi- ja väestötietovirasto</OrganizationName><OrganizationName xml:lang="en">Digital and Population Data Services Agency</OrganizationName><OrganizationName xml:lang="sv">Myndigheten för digitalisering och befolkningsdata</OrganizationName><OrganizationDisplayName xml:lang="fi">Digi- ja väestötietovirasto</OrganizationDisplayName><OrganizationDisplayName xml:lang="en">Digital and Population Data Services Agency</OrganizationDisplayName><OrganizationDisplayName xml:lang="sv">Myndigheten för digitalisering och befolkningsdata</OrganizationDisplayName><OrganizationURL xml:lang="fi">https://dvv.fi/etusivu</OrganizationURL><OrganizationURL xml:lang="en">https://dvv.fi/en/</OrganizationURL><OrganizationURL xml:lang="sv">https://dvv.fi/sv/</OrganizationURL></Organization><ContactPerson contactType="technical"><GivenName>Suomi.fi-tunnistus</GivenName><SurName>Kayttoonotot</SurName><EmailAddress>mailto:tunnistus-kayttoonotot@dvv.fi</EmailAddress></ContactPerson><ContactPerson contactType="administrative"><GivenName>Suomi.fi</GivenName><SurName>Palvelupiste</SurName><EmailAddress>mailto:suomi.fi-palvelupiste@dvv.fi</EmailAddress></ContactPerson></EntityDescriptor></EntitiesDescriptor>
Related articles