IDP is not running well on remote unix server.
sumanth jagga
sjagga at hotmail.com
Fri Feb 15 11:27:51 EST 2013
Hello,
I am trying to run IDP on a remote unix host. I am seeing a ssl error from another desktop when I access through firefox, I accept the certificate and store it but still I see this...At this point on the remote unix machine I simply have Apache tomcat and shibboleth IDP installed. I want to access the URL https://dnsa-e2-saml.cde.abcd.com:8443/idp/status.
An error occurred during a connection to dnsa-e2-saml.cde.abcd.com:8443.
SSL peer cannot verify your certificate.
(Error code: ssl_error_bad_cert_alert)
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem. Alternatively, use the command found in the help menu to report this broken site.
====================SET UP ON REMOTE UNIX SERVER============================
hostname : dnsa-e2-saml.cde.abcd.com
cat /etc/hosts
10.175.137.0 dnsa-e2-saml.cde.abcd.com
Installed Tomcat Apache 6.
server.xml content -->
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<Connector port="8443"
protocol="org.apache.coyote.http11.Http11Protocol"
SSLImplementation="edu.internet2.middleware.security.tomcat6.DelegateToApplicationJSSEImplementation"
scheme="https"
SSLEnabled="true"
clientAuth="true" --> Changed this to "want" the error was "HTTP requires authentication"
keystoreFile="/home/shibidp/shibboleth/idp/credentials/idp.jks"
keystorePass="myself" />
Installed IDP as stated below gave the correct hostname like above
[shibidp at dnsa-e2-saml shibboleth-identityprovider-2.3.8]$ ./install.sh
Buildfile: src/installer/resources/build.xml
install:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Be sure you have read the installation/upgrade instructions on the Shibboleth website before proceeding.
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Where should the Shibboleth Identity Provider software be installed? [/home/shibidp/shibboleth/idp]
/home/shibidp/shibboleth/idp
The directory '/home/shibidp/shibboleth/idp' already exists. Would you like to overwrite this Shibboleth configuration? (yes, [no])
yes
What is the fully qualified hostname of the Shibboleth Identity Provider server? [idp.example.com]
dnsa-e2-saml.cde.abcd.com
A keystore is about to be generated for you. Please enter a password that will be used to protect it.
myself
Updating property file: /home/shibidp/shibboleth-identityprovider-2.3.8/src/installer/resources/install.properties
Created dir: /home/shibidp/shibboleth/idp/bin
Created dir: /home/shibidp/shibboleth/idp/conf
Created dir: /home/shibidp/shibboleth/idp/credentials
Created dir: /home/shibidp/shibboleth/idp/lib
Created dir: /home/shibidp/shibboleth/idp/lib/endorsed
Created dir: /home/shibidp/shibboleth/idp/logs
Created dir: /home/shibidp/shibboleth/idp/metadata
Created dir: /home/shibidp/shibboleth/idp/war
Generating signing and encryption key, certificate, and keystore.
Copying 5 files to /home/shibidp/shibboleth/idp/bin
Copying 8 files to /home/shibidp/shibboleth/idp/conf
Copying 1 file to /home/shibidp/shibboleth/idp/metadata
Copying 51 files to /home/shibidp/shibboleth/idp/lib
Copying 5 files to /home/shibidp/shibboleth/idp/lib/endorsed
Copying 1 file to /home/shibidp/shibboleth-identityprovider-2.3.8/src/installer
Building war: /home/shibidp/shibboleth-identityprovider-2.3.8/src/installer/idp.war
Copying 1 file to /home/shibidp/shibboleth/idp/war
Deleting: /home/shibidp/shibboleth-identityprovider-2.3.8/src/installer/web.xml
Deleting: /home/shibidp/shibboleth-identityprovider-2.3.8/src/installer/idp.war
BUILD SUCCESSFUL
Total time: 38 seconds
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20130215/8aefa483/attachment-0001.html
More information about the users
mailing list