multiple vhost , single SP question

Cantor, Scott cantor.2 at
Thu Nov 15 11:52:14 EST 2012

On 11/15/12 11:50 AM, "Sean McHugh" <sean8sean at> wrote:
>yes, i've considered this ... client requirements are flexible, but i've
>been a bit trepidatious about moving to Apache 2.4 with Shib SP ... i've
>seen some bugs on the wiki that I'll need to find out impact to our

You would have to wait for 2.5.1 to be out, but I'm not aware that Apache
2.2 doesn't support SNI, is that the case?

>i guess this is more of my own ignorance and misunderstanding ... can i
>force the ACS value in the AuthNRequest to be
>https://defaultSSLvhost  when the client has initially visited
>http://nonSSLvhost  ?

Yes, but I don't see what that buys you unless your goal is to deploy all
those certs and then not protect your applications with them.

-- Scott

More information about the users mailing list