configuring shibboleth on AWS using ELB
cantor.2 at osu.edu
Mon Nov 25 18:55:05 EST 2019
On 11/25/19, 6:30 PM, "users on behalf of Deirdre Kirmis" <users-bounces at shibboleth.net on behalf of Deirdre.Kirmis at asu.edu> wrote:
> the certs are not included
Metadata is solely subject to your creation and control, so it has in it what you put in it, keys included. It is not generated other than for sample purposes.
> and the sp-cert.pem and sp-key.pem files did not get created.
The supported version of the SP generates two keypairs, one for signing, and one for encryption, neither one by that name anymore.
> Do I still need to “configure” https locally on the server
What you configure it to do is what you need it to do. Most people don't offload TLS anymore, they run it on every leg, but that's not anybody else's decision to make. As long as ServerName is set correctly to account for whatever virtualization is being done, the SP doesn't care.
More information about the users