multiple vhost , single SP question

Cantor, Scott cantor.2 at
Thu Nov 15 11:59:23 EST 2012

On 11/15/12 11:54 AM, "Peter Schober" <peter.schober at> wrote:

>* Cantor, Scott <cantor.2 at> [2012-11-15 17:52]:
>> Yes, but I don't see what that buys you unless your goal is to
>> deploy all those certs and then not protect your applications with
>> them.
>Getting around the HTTP POST from SSL (IdP) to non-SSL (SP) security
>warning in the user agent, IIRC,

I get that part, but if you've done the work to make SSL on the vhost
possible, why turn it off for the app? 10 years ago, yes, for performance,
but today?

-- Scott

More information about the users mailing list