SP Reverse proxy and handlerSSL
Cantor, Scott
cantor.2 at osu.edu
Tue Nov 27 22:18:05 EST 2012
On 11/27/12 10:01 PM, "Brian Mathis" <brian.mathis at gmail.com> wrote:
>I do not have handlerSSL set in my shibboleth2.xml config for the
>Sessions, so the default is "true". However, I am not seeing any
>problems in this configuration, and so far all my tests are working. I
>tried to set it to "false", and also explicitly set to
> "true", but it does not seem to affect the operation of the SP.
The only time handlerSSL is going to matter is if you're serving http://
requests. Your server here is virtualized to think everything it handles
is https://, so there's no case where it would come into play no matter
what it's set to.
>What's going on here? I don't want to miss something that might crop up
>later.
The only thing I can think you're concerned about is a log warning, but
leaving aside that the purpose of the warning is just to guard against
non-ideal settings you don't intend to use, if your server is hosting
nothing but https:// requests, there's no reason to ever set handlerSSL to
false (or indeed to set it at all in such a case).
-- Scott
More information about the users
mailing list