SP CredentialResolver locally signed SSL certificate

Tom Noonan tom at joinroot.com
Tue Feb 27 11:13:35 EST 2018

I'm currently using a self-signed certificate for the SP Credential
resolver, by config for this is same as the example:

<CredentialResolver type="File" key="/etc/shibboleth/sp.key"

This works fine, I have no login errors.  However, I'm not clear on how
this certificate is used.  Am I opening myself up to spoofing attacks by
using a self-signed certificate for this?

--Tom Noonan II
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20180227/1691ed76/attachment.html>

More information about the users mailing list