Status

Announcement of certificate change for IdP services from February 17-19, 2026

Information notice General Services Authentication Services Academic Cloud Login MPG Login ADFS Login General

Updates

Information

Dear operators of the service providers,
from February 17, 2026 to February 19, 2026 a certificate change will be carried out for the following Identity Providers (IdPs):

  • shibboleth-idp.gwdg.de
  • shibboleth-idp.uni-goettingen.de
    * shibboleth-idp.mpg.de
    During this period, the IDP SAML certificates are renewed once.
    This process usually runs without restrictions, as both certificates are configured in parallel during a short transition phase.

Certificate change process

  • Tuesday, 17.02.2026, approx. 10:00 a.m.: New additional certificate is imported
  • **Thursday, 19.02.2026, between 11:00-12:00 a.m.: Old certificate is removed from the metadata

Different behaviors of service providers
In the past, we have observed three possible scenarios:

  1. Metadata is downloaded automatically and regularly
  • (a) Automatic download, but no support for two certificates →
    Please suspend the automatic download until the old certificate is deleted to avoid conflicts.
  • (b) Automatic download with support for multiple certificates →
    No action required. (This is often the case with standard implementations such as shibd/Shibboleth)
  1. Certificate is permanently stored (“pinned”) in the service provider
    In this case, the changeover must take place at the same time as the change on the IdP side.

Your feedback
Please let us know which of the described variants or other special features are relevant for your service provider.
This will enable us to optimize the process and improve our service in the long term.

Certificate links from February 17, 2026
If you do not update the IdP certificate automatically, the new certificates will be available from February 17, 2026 under the following links

February 6, 2026 · 09:55 CET

← Back