StartTLS problem
Peter Schober
peter.schober at univie.ac.at
Thu Feb 28 09:46:09 EST 2013
* Rastko Isajev <risajev at calliduscloud.com> [2013-02-28 15:11]:
> I am facing with problems because of StartTLS that is mandatory when
> Shibboleth is calling LDAP connection handler.
The Shibboleth software does not have such a requirement, but your DSA
might have.
If your LDAP server requires the use of TLS and your IdP's JVM cannot
trust the certificate you need to fix one or the other:
Get a proper certificate onto the LDAP server or configure the IdP's
JVM so it has a valid trust path to the issuer of the LDAP server
certificate (e.g. by adding any missing CA or intermediary CA
certificates into the trust store).
Either way, Shibboleth has no role in this.
-peter
More information about the users
mailing list