multiple sp hosts behind a firewall/proxy etc

Cantor, Scott cantor.2 at
Sun May 24 15:14:55 EDT 2015

On 5/24/15, 4:43 AM, "Musil, William" <wmusil at> wrote:

>OK Scott and Peter, I guess I am still not getting it.
>I created a keypair with the proxy name ( as hostname and entity, and a shibboleth2.xml that I created using testshib page.

The name in the cert means nothing whatsoever.

>Failed to decrypt assertion: Unable to resolve any key decryption keys

Then the testshib IdP is using a different key to encrypt under than the SP receiving it is using.

-- Scott

More information about the users mailing list