<!-- safeID metadata -->
<!-- safeID -->
<MetadataProvider
id="safeid-metadata"
xsi:type="FileBackedHTTPMetadataProvider"
backingFile="%{idp.home}/metadata/metadata.safeid.sk.xml"
metadataURL="https://metadata.safeid.sk/metadata/metadata.safeid.sk.xml"
maxRefreshDelay="PT30M">
<MetadataFilter
xsi:type="SignatureValidation"
requireSignedRoot="true"
certificateFile="%{idp.home}/credentials/safeid-metadata-signing.pem" />
<MetadataFilter
xsi:type="RequiredValidUntil"
maxValidityInterval="P30D" />
<MetadataFilter
xsi:type="Algorithm">
<md:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
<ConditionRef>shibboleth.Conditions.TRUE</ConditionRef>
</MetadataFilter>
</MetadataProvider>