1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
|
<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://login.rz.rwth-aachen.de/shibboleth">
<IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
<Extensions>
<saml1md:Scope xmlns:saml1md="urn:mace:shibboleth:metadata:1.0" regexp="false">rwth-aachen.de</saml1md:Scope>
</Extensions>
<KeyDescriptor use="encryption">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:KeyName>login.rz.rwth-aachen.de</ds:KeyName>
<ds:X509Data>
<ds:X509SubjectName>CN=login.rz.rwth-aachen.de,OU=Rechen- und Kommunikationszentum,O=RWTH Aachen,L=Aachen,ST=Nordrhein-Westfalen,C=DE</ds:X509SubjectName>
<ds:X509Certificate>MIIFCzCCA/OgAwIBAgIEC1FmFjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJE
RTEUMBIGA1UEChMLUldUSCBBYWNoZW4xFzAVBgNVBAMTDlJXVEggQWFjaGVuIENB
MSAwHgYJKoZIhvcNAQkBFhFjYUByd3RoLWFhY2hlbi5kZTAeFw0wNzExMDcxNjMy
MDhaFw0xMjExMDUxNjMyMDhaMIGfMQswCQYDVQQGEwJERTEcMBoGA1UECBMTTm9y
ZHJoZWluLVdlc3RmYWxlbjEPMA0GA1UEBxMGQWFjaGVuMRQwEgYDVQQKEwtSV1RI
IEFhY2hlbjEpMCcGA1UECxMgUmVjaGVuLSB1bmQgS29tbXVuaWthdGlvbnN6ZW50
dW0xIDAeBgNVBAMTF2xvZ2luLnJ6LnJ3dGgtYWFjaGVuLmRlMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2hVOkyelzF5UQylTADmmcHzrwzRjteUTx6b
SCnQlTUiCsMGdICcOdP/kzBHDTJsd5AAlb5DMZ5M4O4Vl1NaJPLDT7nQj3oAF9pu
CNv9XeguWwR1Bsy+KzJ+ixxVP0nt6665zY9FSRPJOVII6ziNUgedmtFV96jWQ49P
R6duFD9CDyAlLj2DZSANeG50sX1Bcfc5F6UHSgkTzLnJqtl3ufQ/ltZyb3iEmOLS
mcoOKaS/HUV4vp1y6zVCLbU/i8t82vr6zFB0zJuQiiFQtrp1j/V06XuXxzjpleUz
jySyWf+4W1svGGWkQdZyPdht90i1NFCYQIhSY+U3iNNGl2SnOwIDAQABo4IBjTCC
AYkwCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwHQYDVR0lBBYwFAYIKwYBBQUHAwIG
CCsGAQUFBwMBMB0GA1UdDgQWBBSOzgsiaPAKHD8PTdDijBwTIGvetTAfBgNVHSME
GDAWgBRu1T7AHC9xyTy/SU7valVI7NHyODB5BgNVHR8EcjBwMDagNKAyhjBodHRw
Oi8vY2RwMS5wY2EuZGZuLmRlL3J3dGgtY2EvcHViL2NybC9jYWNybC5jcmwwNqA0
oDKGMGh0dHA6Ly9jZHAyLnBjYS5kZm4uZGUvcnd0aC1jYS9wdWIvY3JsL2NhY3Js
LmNybDCBlAYIKwYBBQUHAQEEgYcwgYQwQAYIKwYBBQUHMAKGNGh0dHA6Ly9jZHAx
LnBjYS5kZm4uZGUvcnd0aC1jYS9wdWIvY2FjZXJ0L2NhY2VydC5jcnQwQAYIKwYB
BQUHMAKGNGh0dHA6Ly9jZHAyLnBjYS5kZm4uZGUvcnd0aC1jYS9wdWIvY2FjZXJ0
L2NhY2VydC5jcnQwDQYJKoZIhvcNAQEFBQADggEBAGl5Pq3DyUfhi1G/TEB6/rlf
fPG85RidFcLXm5BamuZithBT2F/pvFRnlnaogUU6ik9I73qdxFLKAX7c+K/BC89D
jEosFBgD4zCHRTe3gnyBhG4+T40smabgvEBS1LOJPib14nLPOPouFnvdwaD+hCq0
3XjbCwyEGgGnODTgFAkL+bWx/mgEZpbiCtzYuOVxojm0hQ5i42l9RIKsLrZ3ooT/
T6qF9criC1jOHj11gJeZ11z/znefgOY+oK9vlc/41+JzhDWiiZ2KB05aiSfq+mTF
sHc/L7HpK3d6tFerveNpu6HAAyALsqwKOS2CqmANj5EDFnY57yTDWJZcgsMlK+c=
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<KeyDescriptor use="signing">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:KeyName>login.rz.rwth-aachen.de</ds:KeyName>
<ds:X509Data>
<ds:X509SubjectName>CN=login.rz.rwth-aachen.de,OU=Rechen- und Kommunikationszentum,O=RWTH Aachen,L=Aachen,ST=Nordrhein-Westfalen,C=DE</ds:X509SubjectName>
<ds:X509Certificate>MIIFCzCCA/OgAwIBAgIEC1FmFjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJE
RTEUMBIGA1UEChMLUldUSCBBYWNoZW4xFzAVBgNVBAMTDlJXVEggQWFjaGVuIENB
MSAwHgYJKoZIhvcNAQkBFhFjYUByd3RoLWFhY2hlbi5kZTAeFw0wNzExMDcxNjMy
MDhaFw0xMjExMDUxNjMyMDhaMIGfMQswCQYDVQQGEwJERTEcMBoGA1UECBMTTm9y
ZHJoZWluLVdlc3RmYWxlbjEPMA0GA1UEBxMGQWFjaGVuMRQwEgYDVQQKEwtSV1RI
IEFhY2hlbjEpMCcGA1UECxMgUmVjaGVuLSB1bmQgS29tbXVuaWthdGlvbnN6ZW50
dW0xIDAeBgNVBAMTF2xvZ2luLnJ6LnJ3dGgtYWFjaGVuLmRlMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2hVOkyelzF5UQylTADmmcHzrwzRjteUTx6b
SCnQlTUiCsMGdICcOdP/kzBHDTJsd5AAlb5DMZ5M4O4Vl1NaJPLDT7nQj3oAF9pu
CNv9XeguWwR1Bsy+KzJ+ixxVP0nt6665zY9FSRPJOVII6ziNUgedmtFV96jWQ49P
R6duFD9CDyAlLj2DZSANeG50sX1Bcfc5F6UHSgkTzLnJqtl3ufQ/ltZyb3iEmOLS
mcoOKaS/HUV4vp1y6zVCLbU/i8t82vr6zFB0zJuQiiFQtrp1j/V06XuXxzjpleUz
jySyWf+4W1svGGWkQdZyPdht90i1NFCYQIhSY+U3iNNGl2SnOwIDAQABo4IBjTCC
AYkwCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwHQYDVR0lBBYwFAYIKwYBBQUHAwIG
CCsGAQUFBwMBMB0GA1UdDgQWBBSOzgsiaPAKHD8PTdDijBwTIGvetTAfBgNVHSME
GDAWgBRu1T7AHC9xyTy/SU7valVI7NHyODB5BgNVHR8EcjBwMDagNKAyhjBodHRw
Oi8vY2RwMS5wY2EuZGZuLmRlL3J3dGgtY2EvcHViL2NybC9jYWNybC5jcmwwNqA0
oDKGMGh0dHA6Ly9jZHAyLnBjYS5kZm4uZGUvcnd0aC1jYS9wdWIvY3JsL2NhY3Js
LmNybDCBlAYIKwYBBQUHAQEEgYcwgYQwQAYIKwYBBQUHMAKGNGh0dHA6Ly9jZHAx
LnBjYS5kZm4uZGUvcnd0aC1jYS9wdWIvY2FjZXJ0L2NhY2VydC5jcnQwQAYIKwYB
BQUHMAKGNGh0dHA6Ly9jZHAyLnBjYS5kZm4uZGUvcnd0aC1jYS9wdWIvY2FjZXJ0
L2NhY2VydC5jcnQwDQYJKoZIhvcNAQEFBQADggEBAGl5Pq3DyUfhi1G/TEB6/rlf
fPG85RidFcLXm5BamuZithBT2F/pvFRnlnaogUU6ik9I73qdxFLKAX7c+K/BC89D
jEosFBgD4zCHRTe3gnyBhG4+T40smabgvEBS1LOJPib14nLPOPouFnvdwaD+hCq0
3XjbCwyEGgGnODTgFAkL+bWx/mgEZpbiCtzYuOVxojm0hQ5i42l9RIKsLrZ3ooT/
T6qF9criC1jOHj11gJeZ11z/znefgOY+oK9vlc/41+JzhDWiiZ2KB05aiSfq+mTF
sHc/L7HpK3d6tFerveNpu6HAAyALsqwKOS2CqmANj5EDFnY57yTDWJZcgsMlK+c=
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://login.rz.rwth-aachen.de:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
<ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://login.rz.rwth-aachen.de:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
<NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
<SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://login.rz.rwth-aachen.de/idp/profile/Shibboleth/SSO"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://login.rz.rwth-aachen.de/idp/profile/SAML2/POST/SSO"/>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://login.rz.rwth-aachen.de/idp/profile/SAML2/Redirect/SSO"/>
</IDPSSODescriptor>
<AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
<Extensions>
<saml1md:Scope xmlns:saml1md="urn:mace:shibboleth:metadata:1.0" regexp="false">rwth-aachen.de</saml1md:Scope>
</Extensions>
<KeyDescriptor use="encryption">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:KeyName>login.rz.rwth-aachen.de</ds:KeyName>
<ds:X509Data>
<ds:X509SubjectName>CN=login.rz.rwth-aachen.de,OU=Rechen- und Kommunikationszentum,O=RWTH Aachen,L=Aachen,ST=Nordrhein-Westfalen,C=DE</ds:X509SubjectName>
<ds:X509Certificate>MIIFCzCCA/OgAwIBAgIEC1FmFjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJE
RTEUMBIGA1UEChMLUldUSCBBYWNoZW4xFzAVBgNVBAMTDlJXVEggQWFjaGVuIENB
MSAwHgYJKoZIhvcNAQkBFhFjYUByd3RoLWFhY2hlbi5kZTAeFw0wNzExMDcxNjMy
MDhaFw0xMjExMDUxNjMyMDhaMIGfMQswCQYDVQQGEwJERTEcMBoGA1UECBMTTm9y
ZHJoZWluLVdlc3RmYWxlbjEPMA0GA1UEBxMGQWFjaGVuMRQwEgYDVQQKEwtSV1RI
IEFhY2hlbjEpMCcGA1UECxMgUmVjaGVuLSB1bmQgS29tbXVuaWthdGlvbnN6ZW50
dW0xIDAeBgNVBAMTF2xvZ2luLnJ6LnJ3dGgtYWFjaGVuLmRlMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2hVOkyelzF5UQylTADmmcHzrwzRjteUTx6b
SCnQlTUiCsMGdICcOdP/kzBHDTJsd5AAlb5DMZ5M4O4Vl1NaJPLDT7nQj3oAF9pu
CNv9XeguWwR1Bsy+KzJ+ixxVP0nt6665zY9FSRPJOVII6ziNUgedmtFV96jWQ49P
R6duFD9CDyAlLj2DZSANeG50sX1Bcfc5F6UHSgkTzLnJqtl3ufQ/ltZyb3iEmOLS
mcoOKaS/HUV4vp1y6zVCLbU/i8t82vr6zFB0zJuQiiFQtrp1j/V06XuXxzjpleUz
jySyWf+4W1svGGWkQdZyPdht90i1NFCYQIhSY+U3iNNGl2SnOwIDAQABo4IBjTCC
AYkwCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwHQYDVR0lBBYwFAYIKwYBBQUHAwIG
CCsGAQUFBwMBMB0GA1UdDgQWBBSOzgsiaPAKHD8PTdDijBwTIGvetTAfBgNVHSME
GDAWgBRu1T7AHC9xyTy/SU7valVI7NHyODB5BgNVHR8EcjBwMDagNKAyhjBodHRw
Oi8vY2RwMS5wY2EuZGZuLmRlL3J3dGgtY2EvcHViL2NybC9jYWNybC5jcmwwNqA0
oDKGMGh0dHA6Ly9jZHAyLnBjYS5kZm4uZGUvcnd0aC1jYS9wdWIvY3JsL2NhY3Js
LmNybDCBlAYIKwYBBQUHAQEEgYcwgYQwQAYIKwYBBQUHMAKGNGh0dHA6Ly9jZHAx
LnBjYS5kZm4uZGUvcnd0aC1jYS9wdWIvY2FjZXJ0L2NhY2VydC5jcnQwQAYIKwYB
BQUHMAKGNGh0dHA6Ly9jZHAyLnBjYS5kZm4uZGUvcnd0aC1jYS9wdWIvY2FjZXJ0
L2NhY2VydC5jcnQwDQYJKoZIhvcNAQEFBQADggEBAGl5Pq3DyUfhi1G/TEB6/rlf
fPG85RidFcLXm5BamuZithBT2F/pvFRnlnaogUU6ik9I73qdxFLKAX7c+K/BC89D
jEosFBgD4zCHRTe3gnyBhG4+T40smabgvEBS1LOJPib14nLPOPouFnvdwaD+hCq0
3XjbCwyEGgGnODTgFAkL+bWx/mgEZpbiCtzYuOVxojm0hQ5i42l9RIKsLrZ3ooT/
T6qF9criC1jOHj11gJeZ11z/znefgOY+oK9vlc/41+JzhDWiiZ2KB05aiSfq+mTF
sHc/L7HpK3d6tFerveNpu6HAAyALsqwKOS2CqmANj5EDFnY57yTDWJZcgsMlK+c=
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<KeyDescriptor use="signing">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:KeyName>login.rz.rwth-aachen.de</ds:KeyName>
<ds:X509Data>
<ds:X509SubjectName>CN=login.rz.rwth-aachen.de,OU=Rechen- und Kommunikationszentum,O=RWTH Aachen,L=Aachen,ST=Nordrhein-Westfalen,C=DE</ds:X509SubjectName>
<ds:X509Certificate>MIIFCzCCA/OgAwIBAgIEC1FmFjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJE
RTEUMBIGA1UEChMLUldUSCBBYWNoZW4xFzAVBgNVBAMTDlJXVEggQWFjaGVuIENB
MSAwHgYJKoZIhvcNAQkBFhFjYUByd3RoLWFhY2hlbi5kZTAeFw0wNzExMDcxNjMy
MDhaFw0xMjExMDUxNjMyMDhaMIGfMQswCQYDVQQGEwJERTEcMBoGA1UECBMTTm9y
ZHJoZWluLVdlc3RmYWxlbjEPMA0GA1UEBxMGQWFjaGVuMRQwEgYDVQQKEwtSV1RI
IEFhY2hlbjEpMCcGA1UECxMgUmVjaGVuLSB1bmQgS29tbXVuaWthdGlvbnN6ZW50
dW0xIDAeBgNVBAMTF2xvZ2luLnJ6LnJ3dGgtYWFjaGVuLmRlMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2hVOkyelzF5UQylTADmmcHzrwzRjteUTx6b
SCnQlTUiCsMGdICcOdP/kzBHDTJsd5AAlb5DMZ5M4O4Vl1NaJPLDT7nQj3oAF9pu
CNv9XeguWwR1Bsy+KzJ+ixxVP0nt6665zY9FSRPJOVII6ziNUgedmtFV96jWQ49P
R6duFD9CDyAlLj2DZSANeG50sX1Bcfc5F6UHSgkTzLnJqtl3ufQ/ltZyb3iEmOLS
mcoOKaS/HUV4vp1y6zVCLbU/i8t82vr6zFB0zJuQiiFQtrp1j/V06XuXxzjpleUz
jySyWf+4W1svGGWkQdZyPdht90i1NFCYQIhSY+U3iNNGl2SnOwIDAQABo4IBjTCC
AYkwCQYDVR0TBAIwADALBgNVHQ8EBAMCBeAwHQYDVR0lBBYwFAYIKwYBBQUHAwIG
CCsGAQUFBwMBMB0GA1UdDgQWBBSOzgsiaPAKHD8PTdDijBwTIGvetTAfBgNVHSME
GDAWgBRu1T7AHC9xyTy/SU7valVI7NHyODB5BgNVHR8EcjBwMDagNKAyhjBodHRw
Oi8vY2RwMS5wY2EuZGZuLmRlL3J3dGgtY2EvcHViL2NybC9jYWNybC5jcmwwNqA0
oDKGMGh0dHA6Ly9jZHAyLnBjYS5kZm4uZGUvcnd0aC1jYS9wdWIvY3JsL2NhY3Js
LmNybDCBlAYIKwYBBQUHAQEEgYcwgYQwQAYIKwYBBQUHMAKGNGh0dHA6Ly9jZHAx
LnBjYS5kZm4uZGUvcnd0aC1jYS9wdWIvY2FjZXJ0L2NhY2VydC5jcnQwQAYIKwYB
BQUHMAKGNGh0dHA6Ly9jZHAyLnBjYS5kZm4uZGUvcnd0aC1jYS9wdWIvY2FjZXJ0
L2NhY2VydC5jcnQwDQYJKoZIhvcNAQEFBQADggEBAGl5Pq3DyUfhi1G/TEB6/rlf
fPG85RidFcLXm5BamuZithBT2F/pvFRnlnaogUU6ik9I73qdxFLKAX7c+K/BC89D
jEosFBgD4zCHRTe3gnyBhG4+T40smabgvEBS1LOJPib14nLPOPouFnvdwaD+hCq0
3XjbCwyEGgGnODTgFAkL+bWx/mgEZpbiCtzYuOVxojm0hQ5i42l9RIKsLrZ3ooT/
T6qF9criC1jOHj11gJeZ11z/znefgOY+oK9vlc/41+JzhDWiiZ2KB05aiSfq+mTF
sHc/L7HpK3d6tFerveNpu6HAAyALsqwKOS2CqmANj5EDFnY57yTDWJZcgsMlK+c=
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://login.rz.rwth-aachen.de:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
<AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://login.rz.rwth-aachen.de:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
<NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
<NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
</AttributeAuthorityDescriptor>
<Organization>
<OrganizationName xml:lang="de">RWTH Aachen</OrganizationName>
<OrganizationDisplayName xml:lang="de">RWTH Aachen</OrganizationDisplayName>
<OrganizationURL xml:lang="de">http://www.rwth-aachen.de</OrganizationURL>
</Organization>
<ContactPerson contactType="administrative">
<GivenName>Christian</GivenName>
<SurName>Bischof</SurName>
<EmailAddress>bischof@rz.rwth-aachen.de</EmailAddress>
</ContactPerson>
<ContactPerson contactType="technical">
<GivenName>Wilfred</GivenName>
<SurName>Gasper</SurName>
<EmailAddress>sso@rz.rwth-aachen.de</EmailAddress>
</ContactPerson>
</EntityDescriptor>
|
