multiple vhost , single SP question

Sean McHugh sean8sean at gmail.com
Thu Nov 15 12:01:38 EST 2012


On Thu, Nov 15, 2012 at 11:52 AM, Cantor, Scott <cantor.2 at osu.edu> wrote:

> On 11/15/12 11:50 AM, "Sean McHugh" <sean8sean at gmail.com> wrote:
>


> You would have to wait for 2.5.1 to be out, but I'm not aware that Apache
> 2.2 doesn't support SNI, is that the case?
>
>
apologies ... you are correct - SNI is supported in 2.2.12+  with mod_ssl
built against OpenSSL 0.9.9 or later

not sure where i got 2.4 stuck in my head


> >i guess this is more of my own ignorance and misunderstanding ... can i
> >force the ACS value in the AuthNRequest to be
> >https://defaultSSLvhost  when the client has initially visited
> >http://nonSSLvhost  ?
>
> Yes, but I don't see what that buys you unless your goal is to deploy all
> those certs and then not protect your applications with them.
>
>
I think i need to re-read the wiki before continuing this thread.   b/c
from the answers i'm getting, i feel like i'm missing something obvious

I only wish to have 1 cert for the _defaul_:443 vhost and direct the
AuthNRequest ACS to that hostname only,
when a request is made to any of the non-ssl vhosts




> -- Scott
>
>
> --
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20121115/6137a793/attachment.html 


More information about the users mailing list