The current client installer works by copying the idp metadata to a static file.
Now that the metadata is regenerated on the fly and has expiration times the installer should stop copying it and instead configure mod_auth_mellon with the URL where the IdP metadata is exposed so that it can automatically refresh the metadata as required.
milestone: => 1.0 m3
I don't see any capability for mod_auth_mellon to use a URL for the metadata. The nearest thing I see is the MellonDiscoveryURL directive used for an IdP discovery service, but that is for selecting amongst multiple IdPs:
The consensus upstream is that this is best done by a cronjob. Details are in the mod_mellon mailing list thread here:
milestone: 1.0 m3 => 1.0
milestone: 1.0 m4 => Backlog
Metadata Update from @nkinder:
- Issue set to the milestone: Backlog
to comment on this ticket.