need help with Shibboleth IDP 3.0 installation

Hong Ye hy93 at cornell.edu
Mon Jan 12 13:34:30 EST 2015


Thanks everyone. Now I have IDP running with lots of error in idp-warn.log. Should JCEKS be created when running install.sh?
..
a secret key and key version file for securing cookies and other data produced by the IdP for its own use (this is a special Java keystore of type "JCEKS”)
..


2015-01-12 13:08:52,478 - WARN [org.opensaml.xmlsec.config.JavaCryptoValidationInitializer:73] - The JCE providers currently configured in the JVM do not support
required capabilities for XML Encryption, either the 'AES' cipher algorithm
or the 'ISO10126Padding' padding scheme

2015-01-12 13:08:53,590 - ERROR [net.shibboleth.utilities.java.support.security.BasicKeystoreKeyStrategy:297] - Error loading key named 'secret1'
java.security.KeyStoreException: JCEKS not found
        at java.security.KeyStore.getInstance(KeyStore.java:839)
Caused by: java.security.NoSuchAlgorithmException: JCEKS KeyStore not available
        at sun.security.jca.GetInstance.getInstance(GetInstance.java:159)
2015-01-12 13:08:53,593 - ERROR [net.shibboleth.utilities.java.support.security.BasicKeystoreKeyStrategy:225] - Error loading default key from base name 'secret'
java.security.KeyException: java.security.KeyStoreException: JCEKS not found
        at net.shibboleth.utilities.java.support.security.BasicKeystoreKeyStrategy.getKey(BasicKeystoreKeyStrategy.java:298)
Caused by: java.security.KeyStoreException: JCEKS not found
        at java.security.KeyStore.getInstance(KeyStore.java:839)
Caused by: java.security.NoSuchAlgorithmException: JCEKS KeyStore not available


On Jan 12, 2015, at 12:33 PM, Rod Widdowson <rdw at steadingsoftware.com<mailto:rdw at steadingsoftware.com>> wrote:

Unable to find '/conf/idp.properties' at well known locations
'[/opt/shibboleth-idp]'

If you are installing to a non-default location then you need to define the
system property "idp.home" when you start your container

"java -mumble -cp mumble -Didp.home=/app/shibboleth/shibboleth-idp"

/Rod

--
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net<mailto:users-unsubscribe at shibboleth.net>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20150112/fe961139/attachment.html 


More information about the users mailing list