SP Configuration issue
Cantor, Scott
cantor.2 at osu.edu
Thu Apr 3 22:07:08 EDT 2014
On 4/3/14, 9:56 PM, "Eric Stein" <steine at locustec.com> wrote:
>but all the Location attribute URIs have foo.mycompany.com in them. I did
>a search of all files in my shibboleth installation, and bar.mycmpny.com
>only shows up in the generated metadata.
Your description implies that it isn't in the metadata at all, other than
by way of the certificate generated when you installed the SP. Nor does it
matter what's in that certificate in practice.
> I *think* this is what's causing my relying party error.
Very unlikely, but since I don't know what "relying party error" means, I
couldn't say for certain.
> So I guess my questions are:
>0) where is shibboleth getting the key name and cert subject name from?
>From the certificate it generated during installation.
>1) why doesn't fixing them manually to be foo.mycompany.com work?
I guess that depends on what you did, but the certificate is whatever you
configure it to be, and the metadata is never to be generated and used
directly without modification, so it's entirely under your control what
you give to others.
>2) could this be causing my relying party problem, or is it just a red
>herring?
I don't know what the problem is since you didn't describe it, but I doubt
it has anything to do with it.
-- Scott
More information about the users
mailing list