mac check in GCM failed Errors
Ullfig, Roberto Alfredo
rullfig at uic.edu
Mon Mar 12 09:19:05 EDT 2018
So there's no solution?
---
Roberto Ullfig - rullfig at uic.edu
IT Technical Associate
Enterprise Architecture and Development | ACCC
University of Illinois - Chicago
-----Original Message-----
From: users [mailto:users-bounces at shibboleth.net] On Behalf Of Cantor, Scott
Sent: Monday, March 12, 2018 8:12 AM
To: Shib Users <users at shibboleth.net>
Subject: RE: mac check in GCM failed Errors
> It appears related to the two sealer files in credentials and I
> believe I should have just copied these two files over to the standby
> server before doing the CNAME switch.
If you choose to use client storage then by definition every node must have an identical set of keys at all times.
> I expected the errors to go away over the weekend but I still see
> them. Are the IDP sessions supposed to last that long?
The IdP can't tell a session has expired until it decrypts the data and finds that out.
-- Scott
--
For Consortium Member technical support, see https://wiki.shibboleth.net/confluence/x/coFAAg
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
More information about the users
mailing list