IdP deployment troubles about SSL-v3 keyUsages of IdP x509 certificate...
Cantor, Scott
cantor.2 at osu.edu
Tue Aug 28 10:39:07 EDT 2012
On 8/28/12 10:31 AM, "FUGAGNOLI Bertrand - Contractor"
<bertrand.fugagnoli at external.thalesgroup.com> wrote:
>Hi,
>
>I would like to know more about Shibboleth IDP certificate and SSL-v3
>keyUsagesŠ
>
>Question: what are the specs about Shibboleth IDP x509 certificate SSL-v3
>extension KeyUsage?
There are none. I don't think this has anything to do with the IdP.
>17:44:33.633 - ERROR [edu.vt.middleware.ldap.pool.DefaultLdapFactory:109]
>- unabled to connect to the ldap
That's the error, it's not with the IdP's cert.
>Caused by: javax.net.ssl.SSLHandshakeException:
>sun.security.validator.ValidatorException: KeyUsage does not allow key
>encipherment
> at
>com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
>~[na:1.6]
> ... 82 common frames omitted
>Caused by: sun.security.validator.ValidatorException: KeyUsage does not
>allow key encipherment
I would think that's talking about the LDAP server's cert.
-- Scott
More information about the users
mailing list