config.rb.erb in shibboleths_lil_helper-1.0.1

- old
+ new

@@ -5,9 +5,16 @@
 
   for_apache_host 'SOMEHOSTNAME.COM' do
     # UNCOMMENT THIS IF YOUR SHIB STUFF LIVES IN A NON-STANDARD LOCATION 
     # set :shib_prefix, '/swadm/etc/shibboleth'
     for_site 'SOMESITENAME1.COM' do
+      # Each strategy must set this for exactly one site
+      # its used as the authoritative source to from which all other
+      # sites metadata's X509Certificate should match
+      # the sp-key.pem and sp-cert.pem files from this host should be
+      # copied to all other hosts underneath the strategy
+      #
+      set :is_key_originator, true
       protect 'SOME_PATH_YOU_WANT_TO_REQUIRE_AUTH'
     end
     for_site 'SOMESITENAME2.COM' do
       protect 'SOME_PATH_YOU_WANT_OPTIONAL_AUTH' do
         set :flavor, :authentication_optional