Possible problem with key exchange
Cantor, Scott
cantor.2 at osu.edu
Thu Apr 26 14:50:19 BST 2012
On 4/25/12 5:32 PM, "Muzinich, Mike" <MuziniM at losrios.edu> wrote:
>I brought over the entire /opt/shibboleth-idp directory structure from a
>functional system and thought I had Tomcat and Apache configured
>correctly but obviously have something configured incorrectly.
The only place that would matter is the IdP itself, what credential it's
using to sign. There's no TLS involved. But I have no idea what Google
does to evaluate the key. If it does a public key compare, it should work.
If it does more with the cert...
> Incidentally, the FQDN in the Shibboleth configuration
> is a CNAME which I change to go from our production system to the new
>system.
That suggests they are doing more with the cert.
-- Scott
More information about the users
mailing list