diff --git a/lib/SimpleSAML/Metadata/SAMLBuilder.php b/lib/SimpleSAML/Metadata/SAMLBuilder.php
index 057f9886c77b37547ce336788aedeb5769b3f111..da0107296942acd83e59233acda979661ccbbf6a 100644
--- a/lib/SimpleSAML/Metadata/SAMLBuilder.php
+++ b/lib/SimpleSAML/Metadata/SAMLBuilder.php
@@ -488,8 +488,10 @@ class SimpleSAML_Metadata_SAMLBuilder {
 		$e = new SAML2_XML_md_IDPSSODescriptor();
 		$e->protocolSupportEnumeration[] = 'urn:oasis:names:tc:SAML:2.0:protocol';
 
-		if ($metadata->getBoolean('redirect.sign', FALSE)) {
-			$e->WantAuthnRequestsSigned = TRUE;
+		if ($metadata->hasValue('sign.authnrequest')) {
+			$e->WantAuthnRequestsSigned = $metadata->getBoolean('sign.authnrequest');
+		} elseif ($metadata->hasValue('redirect.sign')) {
+			$e->WantAuthnRequestsSigned = $metadata->getBoolean('redirect.sign');
 		}
 
 		$this->addExtensions($metadata, $e);
diff --git a/www/saml2/idp/metadata.php b/www/saml2/idp/metadata.php
index cf24b788f18a8e63c7284f45f039820a86b1133a..0b5f943dfb65e81fe3d4294393f5a3352ce089ec 100644
--- a/www/saml2/idp/metadata.php
+++ b/www/saml2/idp/metadata.php
@@ -150,6 +150,14 @@ try {
 		$metaArray['RegistrationInfo'] = $idpmeta->getArray('RegistrationInfo');
 	}
 
+	if ($idpmeta->hasValue('validate.authnrequest')) {
+		$metaArray['sign.authnrequest'] = $idpmeta->getBoolean('validate.authnrequest');
+	}
+
+	if ($idpmeta->hasValue('redirect.validate')) {
+		$metaArray['redirect.sign'] = $idpmeta->getBoolean('redirect.validate');
+	}
+
 	$metaflat = '$metadata[' . var_export($idpentityid, TRUE) . '] = ' . var_export($metaArray, TRUE) . ';';
 
 	$metaBuilder = new SimpleSAML_Metadata_SAMLBuilder($idpentityid);