From 5a58beb642fb432408ec6546b31c5f2fce20a026 Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Mon, 23 Jun 2008 08:23:01 +0000
Subject: [PATCH] Document that certFingerprint now accepts an array.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@690 44740490-163a-0410-bde0-09ae8108e29a
---
 docs/source/simplesamlphp-sp.xml | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)

diff --git a/docs/source/simplesamlphp-sp.xml b/docs/source/simplesamlphp-sp.xml
index cd35ea73d..1a41e7f76 100644
--- a/docs/source/simplesamlphp-sp.xml
+++ b/docs/source/simplesamlphp-sp.xml
@@ -436,13 +436,20 @@
             <glossterm>certFingerprint</glossterm>
 
             <glossdef>
-              <para>The <literal>md5</literal> checksum of the certificate
+              <para>The <literal>sha1</literal> checksum of the certificate
               used by the IdP. If you don't know how to compute this, you can
               leave it as it is, and then you'll get an error message the
               first time you try to login. In this error message you are told
               what is the fingerprint of the IdP certificiate, which you may
               copy to this metadata parameter.</para>
 
+              <para>It is also possible to add an array of valid fingerprints,
+              where any fingerprints in that array is accepted as valid. This
+              can be used to update the certificate of the IdP without having
+              to update every SP at that exact time. Instead, one can update
+              the SPs with the new fingerprint, and only update the certificate
+              after every SP is updated.</para>
+
               <para>See <xref linkend="a.fingerprint" /> for an example of how
               to calculate the fingerprint with the <literal>openssl</literal>
               tool.</para>
@@ -783,13 +790,20 @@
           <glossterm>certFingerprint</glossterm>
 
           <glossdef>
-            <para>The <literal>md5</literal> checksum of the certificate used
+            <para>The <literal>sha</literal> checksum of the certificate used
             by the IdP. If you don't know how to compute this, you can leave
             it as it is, and then you'll get an error message the first time
             you try to login. In this error message you are told what is the
             fingerprint of the IdP certificiate, which you may copy to this
             metadata parameter.</para>
 
+            <para>It is also possible to add an array of valid fingerprints,
+            where any fingerprints in that array is accepted as valid. This
+            can be used to update the certificate of the IdP without having to
+            update every SP at that exact time. Instead, one can update the
+            SPs with the new fingerprint, and only update the certificate
+            after every SP is updated.</para>
+
             <para>See <xref linkend="a.fingerprint" /> for an example of how
             to calculate the fingerprint with the openssl tool.</para>
           </glossdef>
-- 
GitLab