Wessel, Keith kwessel at
Fri Apr 11 16:04:31 EDT 2014

This is a silly question, but I'm going to ask it anyway.

I've always maintained idp.jks along with idp.key and idp.crt for my IDP installation.

I know idp.key and idp.jks are used as security credentials for signing... the .key file in particular.

But it seems to me that nothing's using idp.jks since we have Apache fronting Tomcat. Is that correct? Is idp.jks in the default Shib installation only intended as a keystore for installations with Tomcat answering connections on 8443 directly?


More information about the users mailing list