There may come a time when you need to upload some metadata that is not published on-line. The OpenAthens LA administration interface does not currently have an option to upload metadata so you have two options:
Publish the metadata yourself
All this means is that the metadata must be somewhere that both the administration console and the runtime can see, so could even be on a filesystem. The certificate can be uploaded manually via the console if necessary.
Advantages: full visibility in the administration console, entityID typeaheads can work in release policies, and should the metadata change you only have to change it on one place.
Disadvantages: you must ensure the metadata address remains accessible.
Manually upload it to the runtime
Using your favourite FTP program, copy the metadata to each runtime and then save it with an XML extension in the /usr/share/atacama-platform/metadata folder. E.g:
With this approach, uploading the certificate via the administration console is the best way to add one when required. The metadata will be picked up at the next refresh point - either the next day, the next publish, or the next time to restart Apache (e.g.
sudo service httpd graceful), whichever is sooner.
Advantages: you do not have to maintain an accessible location for the metadata.
Disadvantages: as and when the metadata changes, you will need to update it manually on each runtime.