testing idp w/ testshib
C G
ci_98yr at yahoo.com
Sat Nov 3 09:06:29 EDT 2012
Shib gurus:
We are going in circles testing our idp:
loaded the following idp data (metadata) to testshib and I always get
opensaml::saml2md::MetadataException at (https://sp.testshib.org/Shibboleth.sso/TestShib)
Unable to locate metadata for identity provider (https://my.publicdomainip.com/idp/shibboleth)
using self-signed certs, and just tomcat for testing..
Amy pointers to troubleshoot are highly appreciated. Thanks and good day.
PS: if it matters, idp std install was made with "localhost" and later replaced by my.publicdomainip.com
=============Begin uploaded data========
<?xml version="1.0" encoding="UTF-8"?><EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://my.publicdomainip.com/idp/shibboleth" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol"><Extensions><shibmd:Scope regexp="false"/></Extensions><KeyDescriptor><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIDDzCCAfegAwIBAgIUVLm52qjJYNuDIE4NUQw/qUh2/dQwDQYJKoZIhvcNAQEF
BQAwFDESMBAGA1UEAxMJbG9jYWxob3N0MB4XDTEyMTAwNDE3MTA1MloXDTMyMTAw
NDE3MTA1MlowFDESMBAGA1UEAxMJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAgbMWau8xD7wm3WmY8tlVT5ASeb1AlAr/X62OBaedd9jJ
p4ThzNBL+jAXwoxUgppOLV7XSQmNI7FA5Xm1KW84SQfdGJuvxYBdk/iKtzFbZmww
5ldnmYpkOPeC/4IFpehvkn6BQZWvd2+Vk2RCq2KWzRph0lviU4XMuiME9xbDHav5
cTNYol9pWw6gnvbp10ub0etNRnVOj6MW1oa8Bc50jWLkcoVjXZWLa6yKxhOVa4FZ
thR86bNz+zNjGsLj1u2A53kPaQLL8Zk+c1f/3XotCelDFLx5i1/BaHCvX5Xw1z8y
9yt2BsWYL/McmTLtKniX53jxCZ+2Vkk7o7NPd42f0QIDAQABo1kwVzA2BgNVHREE
LzAtgglsb2NhbGhvc3SGIGh0dHBzOi8vbG9jYWxob3N0L2lkcC9zaGliYm9sZXRo
MB0GA1UdDgQWBBRlQg+b+etC6n20QE7kHBYH61V/fDANBgkqhkiG9w0BAQUFAAOC
AQEADln/5a7HTtneN2xBJDkPd5Dy8lVu+AAAXQ/BEGQ9MHuPGpVWhkqJ3ADaQmBy
eaETtCo7c3tnmANF/hUKVTe7IwQ08cOck+DCBJkg75d8kGWDH/Oex1BZct2fyHZ4
fzAspdFCTBctYlpd7Y924qVqbRnvs9MSJZeiI4//aoksV/JottBpZtSKDpDvgDuP
wDu6HO3836rEsulVvM8s+MKyrxOwCiAZOeMKK20galVo+O47IzhmmW3qoWr4v2lt
dxNDpUXamymB84SywjP+puQxhCw/WwgKOhiBhOf4sC52k574WuzVSoOE1lCqeWCq
7m0g1OugkEnrHYXzU/EKOOgryw==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></KeyDescriptor><ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://my.publicdomainip.com/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/><ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://my.publicdomainip.com/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/><NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat><NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat><SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://my.publicdomainip.com/idp/profile/Shibboleth/SSO"/><SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://my.publicdomainip.com/idp/profile/SAML2/POST/SSO"/><SingleSignOnService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://my.publicdomainip.com/idp/profile/SAML2/POST-SimpleSign/SSO"/><SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://my.publicdomainip.com/idp/profile/SAML2/Redirect/SSO"/></IDPSSODescriptor><AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol"><Extensions><shibmd:Scope regexp="false"/></Extensions><KeyDescriptor><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIDDzCCAfegAwIBAgIUVLm52qjJYNuDIE4NUQw/qUh2/dQwDQYJKoZIhvcNAQEF
BQAwFDESMBAGA1UEAxMJbG9jYWxob3N0MB4XDTEyMTAwNDE3MTA1MloXDTMyMTAw
NDE3MTA1MlowFDESMBAGA1UEAxMJbG9jYWxob3N0MIIBIjANBgkqhkiG9w0BAQEF
AAOCAQ8AMIIBCgKCAQEAgbMWau8xD7wm3WmY8tlVT5ASeb1AlAr/X62OBaedd9jJ
p4ThzNBL+jAXwoxUgppOLV7XSQmNI7FA5Xm1KW84SQfdGJuvxYBdk/iKtzFbZmww
5ldnmYpkOPeC/4IFpehvkn6BQZWvd2+Vk2RCq2KWzRph0lviU4XMuiME9xbDHav5
cTNYol9pWw6gnvbp10ub0etNRnVOj6MW1oa8Bc50jWLkcoVjXZWLa6yKxhOVa4FZ
thR86bNz+zNjGsLj1u2A53kPaQLL8Zk+c1f/3XotCelDFLx5i1/BaHCvX5Xw1z8y
9yt2BsWYL/McmTLtKniX53jxCZ+2Vkk7o7NPd42f0QIDAQABo1kwVzA2BgNVHREE
LzAtgglsb2NhbGhvc3SGIGh0dHBzOi8vbG9jYWxob3N0L2lkcC9zaGliYm9sZXRo
MB0GA1UdDgQWBBRlQg+b+etC6n20QE7kHBYH61V/fDANBgkqhkiG9w0BAQUFAAOC
AQEADln/5a7HTtneN2xBJDkPd5Dy8lVu+AAAXQ/BEGQ9MHuPGpVWhkqJ3ADaQmBy
eaETtCo7c3tnmANF/hUKVTe7IwQ08cOck+DCBJkg75d8kGWDH/Oex1BZct2fyHZ4
fzAspdFCTBctYlpd7Y924qVqbRnvs9MSJZeiI4//aoksV/JottBpZtSKDpDvgDuP
wDu6HO3836rEsulVvM8s+MKyrxOwCiAZOeMKK20galVo+O47IzhmmW3qoWr4v2lt
dxNDpUXamymB84SywjP+puQxhCw/WwgKOhiBhOf4sC52k574WuzVSoOE1lCqeWCq
7m0g1OugkEnrHYXzU/EKOOgryw==</ds:X509Certificate></ds:X509Data></ds:KeyInfo></KeyDescriptor><AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://my.publicdomainip.com/idp/profile/SAML1/SOAP/AttributeQuery"/><AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://my.publicdomainip.com/idp/profile/SAML2/SOAP/AttributeQuery"/><NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat><NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat></AttributeAuthorityDescriptor></EntityDescriptor>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20121103/a12bcc96/attachment-0001.html
More information about the users
mailing list