This guide describes how to upgrade to the current version of the Service provider 2.4.2
Before upgrading a Service Provider, it is recommended to create a backup of all necessary configuration files.
We strongly suggest to backup the entire/etc/shibboleth.
If your shibboleth directory is not /etc/shibboleth but /etc/shibboleth2, then backup /etc/shibboleth2 and rename the entire directory as /etc/shibboleth.
export MYBUILD=~/shibsp2.4.3-build mkdir $MYBUILD
wget http://shibboleth.net/downloads/log4shib/latest/log4shib-1.0.4.tar.gz -P $MYBUILD wget http://shibboleth.net/downloads/c++-opensaml/latest/xmltooling-1.4.2.tar.gz -P $MYBUILD wget http://shibboleth.net/downloads/c++-opensaml/latest/opensaml-2.4.3.tar.gz -P $MYBUILD wget http://shibboleth.net/downloads/service-provider/latest/shibboleth-sp-2.4.3.tar.gz -P $MYBUILD wget http://mirror.switch.ch/mirror/apache/dist/santuario/c-library/xml-security-c-1.6.1.tar.gz -P $MYBUILD
for f in $MYBUILD/*.tar.gz; do tar -xzvf $f -C $MYBUILD; done
SHIB_HOME
if the target directory is somewhere else: export SHIB_HOME=/opt/shibboleth-sp-2.4.3
mkdir $SHIB_HOME
cd $MYBUILD/log4shib-1.0.4/ ./configure --prefix=$SHIB_HOME --disable-static --disable-doxygen make make install
cd $MYBUILD/xml-security-c-1.6.1/ ./configure --prefix=$SHIB_HOME make make install
cd $MYBUILD/xmltooling-1.4.2/ ./configure --prefix=$SHIB_HOME --with-log4shib=$SHIB_HOME --with-xmlsec=$SHIB_HOME -C make make install
cd $MYBUILD/opensaml-2.4.3/ ./configure --prefix=$SHIB_HOME --with-log4shib=$SHIB_HOME -C make make install
cd $MYBUILD/shibboleth-2.4.3/ ./configure --prefix=$SHIB_HOME --enable-apache-22 \ --with-log4shib=$SHIB_HOME --with-xmltooling=$SHIB_HOME --with-saml=$SHIB_HOME -C make make install
if [ -L /opt/shibboleth-sp] ; then rm /opt/shibboleth-sp ; fi; ln -sf $SHIB_HOME /opt/shibboleth-sp
# Load the shibboleth module LoadModule mod_shib /opt/shibboleth-sp/lib/shibboleth/mod_shib_22.so
a2enmod shib
cp $SHIB_HOME/etc/shibboleth/shibd-debian /etc/init.d/shibdAdjust the init script:
PATH=/sbin:/bin:/usr/sbin:/usr/bin DESC="Shibboleth 2 daemon" NAME=shibd SHIB_HOME=/opt/shibboleth-sp SHIBSP_CONFIG=/etc/shibboleth/shibboleth2.xml LD_LIBRARY_PATH=$SHIB_HOME/lib DAEMON=$SHIB_HOME/sbin/shibd SCRIPTNAME=/etc/init.d/$NAME PIDFILE=/var/run/$NAME.pid ...Install the init script:
chmod +x /etc/init.d/shibd update-rc.d shibd defaults
The main configuration of the Shibboleth Service Provider is done in
/etc/shibboleth/shibboleth2.xml.
Go to the 1. Setup Profile of the deployment guide, provide all the information about your environment, click on the Update Setup Profile button and from
the "Quick download of configuration files" section download the file /etc/shibboleth/shibboleth2.xml that now will contain all your info.
Store this file in /etc/shibboleth.
wget -nc https://www.switch.ch/aai/docs/shibboleth/SWITCH/2.4/sp/deployment/download/attribute-map.xml \ -P /etc/shibboleth/
wget -nc https://www.switch.ch/aai/docs/shibboleth/SWITCH/2.4/sp/deployment/download/attribute-policy.xml / -P /etc/shibboleth/
/opt/shibboleth-sp/sbin/shibd -t -c /etc/shibboleth/shibboleth2.xml
/etc/init.d/shibd restart
apache2ctl configtest apache2ctl restart
... <!-- Status reporting service. --> <Handler type="Status" Location="/Status" acl="127.0.0.1 (add here your IPAddress)"/> ...