After reading this page you will be ready to publish your service on our production environment. Before you continue, be sure to have to following covered:
- You have successfully tested your entity on the test environment.
- The SURFconext Agreement is in place.
- Your service meets the security requirements and makes use HTTPS and TLS.
- You have a list at hand with the institutions you want to connect with as well as contacts, name and email, we can refer to when sending the connection invite.
Now, your service has been properly tested and contracts are in place and the security requirements are met. This means that your service can be promoted to production. Let's go through this.
Add new entity for production environment
Click Add new entity for production environment to open the modal.
You're able to create a new form, or select an existing entity as the basis for your new entity. Its data will be copied into the new entity. That way you can avoid filling in a lot of duplicate info.
Review data yourself
Before pressing on the 'Publish' button on the bottom of the page, review the data. Check to see if the attributes as released are motivated, the technical and support contacts entered, etc. If you are done, proceed.
Publish service to production
All good? Press 'Publish' to promote your entity to production. Be aware that this does not automatically push the service to the SURFconext production environment since we will review this first. A ticket will be created and a mail will be send to the SURFconext Team. We will review the service and when all good, push the service to production mode.
Check your data
At this stage, we will do some checks. To keep everything up to speed, check the following prior to publishing your service:
- Think about the attributes your service actually needs. If we find not or poorly motivated use of attributes or in our opinion, to many attributes we can and will discuss this with you.
- If in this stage our test on SSL Labs fails to meet our requirements, you will need to fine tune your service using our test environment. You will need an overall Rating B or higher. Check this link to get an A rating on SSL Labs.
- We need to have some references at the institution(s) you will connect to. Have these contacts at hand, name and email, so we can use them to refer to when sending the connection request.
- If all is OK and you get the confirmation, configure the SURFconext production metadata in your service: https://metadata.surfconext.nl/idp-metadata.xml
- We will notify you when the service is set to the production environment.
Edit production entity
Not happy with the current production entity? You can edit your production entity.