Need help in shibboleth configuration

bhupendra.a.singh at bhupendra.a.singh at
Mon May 15 11:36:06 EDT 2017

Thanks Scott for the quick reply. I am using the below URL to generate the Metadata and it (metadata) was a typo.

Metadata URL:

While hitting the below URL getting error:

[root at ip-172-31-2-102 ec2-user]# wget https://localhost/Shibboleth.sso/Status --no-check-certificate
--2017-05-15 11:33:21--  https://localhost/Shibboleth.sso/Status
Resolving localhost (localhost)... ::1,
Connecting to localhost (localhost)|::1|:443... connected.
WARNING: no certificate subject alternative name matches
        requested host name 'localhost'.
HTTP request sent, awaiting response... 403 Forbidden
2017-05-15 11:33:21 ERROR 403: Forbidden.

Please let me know if you need more information.

Thanks  & Regards,
-----Original Message-----
From: users [mailto:users-bounces at] On Behalf Of Cantor, Scott
Sent: Monday, May 15, 2017 8:28 PM
To: users at (users at <users at>
Subject: RE: Need help in shibboleth configuration

> I have requirement to implement the enterprise single sign on using
> shibboleth on RHEL 7 and integrate it with ADFS. I have install and
> configure the shibboleth with apache webserver but currently when I am
> trying the generate the metadata file I am getting error "Metadata request Failed".

"Generating" metadata is not a necessary approach, you should be able to craft the metadata yourself.

Among other things, your log shows you accessing the metadata generator at the wrong location (it's /Metadata, not /metadata) and doing so with shibd not running.

-- Scott

To unsubscribe from this list send an email to users-unsubscribe at


This message is for the designated recipient only and may contain privileged, proprietary, or otherwise confidential information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the e-mail by you is prohibited. Where allowed by local law, electronic communications with Accenture and its affiliates, including e-mail and instant messaging (including content), may be scanned by our systems for the purposes of information security and assessment of internal compliance with Accenture policy.

More information about the users mailing list