Update the documentation regarding certificates.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@3305 44740490-163a-0410-bde0-09ae8108e29a

docs/simplesamlphp-authproc.txt

@@ -109,8 +109,8 @@ Filters can be added both in `hosted` and `remote` metadata. Here is an example
 
 	'__DYNAMIC:1__' => array(
 		'host'				=>	'__DEFAULT_',
-		'privatekey'		=>	'server.pem',
-		'certificate'		=>	'server.crt',
+		'privatekey'		=>	'example.org.pem',
+		'certificate'		=>	'example.org.crt',
 		'auth'				=>	'feide',
 		'authproc' => array(
 			40 => 'core:AttributeRealm',

docs/simplesamlphp-idp.txt

@@ -122,6 +122,23 @@ This configuration creates two users - `student` and `employee`, with the passwo
 The attributes will be returned by the IdP when the user logs on.
 
 
+Creating a SSL self signed certificate
+--------------------------------------
+
+Here is an example of an `openssl`-command which can be used to generate a new private key key and the corresponding self-signed certificate.
+
+This key and certificate can be used to sign SAML messages:
+
+    openssl req -newkey rsa:2048 -new -x509 -days 3652 -nodes -out example.org.crt -keyout example.org.pem
+
+The certificate above will be valid for 10 years.
+
+
+### Note ###
+
+simpleSAMLphp will only work with RSA certificates. DSA certificates are not supported.
+
+
 Configuring the IdP
 -------------------
 
@@ -142,8 +159,8 @@ This is a minimal configuration of a SAML 2.0 IdP:
          * The private key and certificate to use when signing responses.
          * These are stored in the cert-directory.
          */
-        'privatekey' => 'server.pem',
-        'certificate' => 'server.crt',
+        'privatekey' => 'example.org.pem',
+        'certificate' => 'example.org.crt',
 
         /*
          * The authentication source which should be used to authenticate the
@@ -189,30 +206,6 @@ If you have the metadata of the remote SP as an XML file, you can use the built-
 For more information about available options in the sp-remote metadata files, see the [SP remote reference](simplesamlphp-reference-sp-remote).
 
 
-Creating a SSL self signed certificate
---------------------------------------
-
-For test purposes, you can skip this section, and use the certificate included in the simpleSAMLphp distribution.
-
-Here is an example of an `openssl`-command which can be used to generate a new private key key and the corresponding self-signed certificate.
-
-This key and certificate can be used to sign SAML messages:
-
-    openssl req -newkey rsa:2048 -new -x509 -days 3652 -nodes -out example.org.crt -keyout example.org.pem
-
-The certificate above will be valid for 10 years.
-
-
-### Note ###
-
-simpleSAMLphp will only work with RSA certificates. DSA certificates are not supported.
-
-
-### Warning ###
-
-The certificate that is included in the simpleSAMLphp distribution must **NEVER** be used in production, as the private key is also included in the package and can be downloaded by anyone.
-
-
 Adding this IdP to other SPs
 ----------------------------
 

docs/simplesamlphp-metadata-extensions-attributes.txt

@@ -79,8 +79,8 @@ If given the following configuration...
 
     $metadata['https://www.example.com/saml/saml2/idp/metadata.php'] = array(
         'host' => 'www.example.com',
-        'certificate' => 'server.crt',
-        'privatekey' => 'server.pem',
+        'certificate' => 'example.com.crt',
+        'privatekey' => 'example.com.pem',
         'auth' => 'example-userpass',
 
 		'EntityAttributes' => array(

docs/simplesamlphp-metadata-extensions-ui.txt

@@ -184,8 +184,8 @@ If given the following configuration...
 
     $metadata['https://www.example.com/saml/saml2/idp/metadata.php'] = array(
         'host' => 'www.example.com',
-        'certificate' => 'server.crt',
-        'privatekey' => 'server.pem',
+        'certificate' => 'example.com.crt',
+        'privatekey' => 'example.com.pem',
         'auth' => 'example-userpass',
 
         'UIInfo' => array(

docs/simplesamlphp-modules.txt

@@ -140,8 +140,8 @@ To use this authentication source in a SAML 2.0 IdP, set the
 
     '__DYNAMIC:1__' => array(
       'host' => '__DEFAULT__',
-      'privatekey' => 'server.pem',
-      'certificate' => 'server.crt',
+      'privatekey' => 'example.org.pem',
+      'certificate' => 'example.org.crt',
       'auth' => 'example-static',
     ),
 

docs/simplesamlphp-reference-idp-hosted.txt

@@ -362,8 +362,8 @@ These are some examples of IdP metadata
         'host' => '__DEFAULT__',
 
         /* The private key and certificate used by this IdP. */
-        'certificate' => 'server.crt',
-        'privatekey' => 'server.pem',
+        'certificate' => 'example.org.crt',
+        'privatekey' => 'example.org.pem',
 
         /*
          * The authentication source for this IdP. Must be one

docs/simplesamlphp-reference-idp-remote.txt

@@ -196,7 +196,7 @@ These options overrides the options set in `saml20-sp-hosted`.
 **Example: Configuration for validating messages**
 
     'redirect.validate' => TRUE,
-    'certificate' => 'server.crt',
+    'certificate' => 'example.org.crt',
 
 
 Shibboleth 1.3 options
@@ -238,7 +238,7 @@ Calculating the fingerprint of a certificate
 
 If you have obtained a certificate file, and want to calculate the fingerprint of the file, you can use the `openssl` command:
 
-    $ openssl x509 -noout -fingerprint -in "server.crt"
+    $ openssl x509 -noout -fingerprint -in "example.org.crt"
     SHA1 Fingerprint=AF:E7:1C:28:EF:74:0B:C8:74:25:BE:13:A2:26:3D:37:97:1D:A1:F9
 
 In this case, the certFingerprint option should be set to `AF:E7:1C:28:EF:74:0B:C8:74:25:BE:13:A2:26:3D:37:97:1D:A1:F9`.

docs/simplesamlphp-reference-sp-remote.txt

@@ -339,7 +339,7 @@ These options overrides the options set in `saml20-idp-hosted`.
 **Example: Configuration for validating messages**
 
     'redirect.validate' => TRUE,
-    'certificate' => 'server.crt',
+    'certificate' => 'example.org.crt',
 
 ### Fields for scoping