Hi Guilhem,
I’m afraid that’s not possible currently.
However, that’s not mandatory in the SAML metadata and the IdP should not require it to use your metadata.
In any case, what the IdP is requiring you to support is symmetric key encryption with a shared key (you can configure that by specifying the “sharedkey” config option in the remote IdP metadata), and that’s something I wouldn’t recommend. Usually, public key cryptography is used instead with self-signed certificates included in the metadata.
--
Jaime Pérez
UNINETT / Feide
jaime...@uninett.no
jaime...@protonmail.com
9A08 EA20 E062 70B4 616B 43E3 562A FE3A 6293 62C2
"Two roads diverged in a wood, and I, I took the one less traveled by, and that has made all the difference."
- Robert Frost