Shibboleth with AWS Cloudfront

Cantor, Scott cantor.2 at
Thu Nov 14 09:36:03 EST 2019

On 11/14/19, 9:29 AM, "users on behalf of Wessel, Keith" <users-bounces at on behalf of kwessel at> wrote:

> No problem, Shannon. The important things are to set handlerSSL to false and cookieProps to http in shibboleth2.xml.
> If using Apache, you’ll also need to set the Apache ServerName directive to a full https://hostname.tld:443 

Those are essentially inconsistent. If you properly virtualize, then the SP is logically operating over TLS regardless of the physical parameters.
-- Scott

More information about the users mailing list