Added documentation for metadata signing to the advanced features documentation.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@598 44740490-163a-0410-bde0-09ae8108e29a

docs/source/simplesamlphp-advancedfeatures.xml

@@ -365,6 +365,47 @@ foreach($_SERVER as $key=>$value) {
   </section>
 
 
+  <section>
+    <title>Metadata signing</title>
+
+    <para>simpleSAMLphp supports signing of the metadata it generates.
+    Metadata signing is configured by three options:</para>
+
+    <itemizedlist>
+      <listitem>
+        <para><literal>metadata.sign.enable</literal>: Whether metadata
+        signing should be enabled or not. Set to <literal>TRUE</literal> to
+        enable metadata signing. Defaults to <literal>FALSE</literal>.</para>
+      </listitem>
+
+      <listitem>
+        <para><literal>metadata.sign.privatekey</literal>: Name of the file
+        with the private key which should be used to sign the metadata. This
+        file must exist in in the <literal>cert</literal> directory.</para>
+      </listitem>
+
+      <listitem>
+        <para><literal>metadata.sign.certificate</literal>: Name of the file
+        with the certificate which matches the private key. This file must
+        exist in in the <literal>cert</literal> directory.</para>
+      </listitem>
+    </itemizedlist>
+
+    <para>These options can be configured globally in the
+    <literal>config/config.php</literal>-file, or per SP/IdP by adding
+    them to the hosted metadata for the SP/IdP. The configuration in the
+    metadata for the SP/IdP takes precedence over the global
+    configuration.</para>
+
+    <para>There is also an additional fallback for the private key and the
+    certificate. If <literal>metadata.sign.privatekey</literal> and
+    <literal>metadata.sign.certificate</literal> isn't configured,
+    simpleSAMLphp will use the <literal>privatekey</literal> and
+    <literal>certificate</literal> options in the metadata for the
+    SP/IdP.</para>
+  </section>
+
+
   <section>
     <title>Support</title>