configuring shibboleth on AWS using ELB

Nate Klingenstein ndk at
Mon Nov 25 19:54:09 EST 2019


For what it's worth, we've configured a lot of IdP's and SP's in AWS, including SAMLtest.  It's pretty straightforward: ELB, target groups, and instances, just wired together properly.  There's really nothing special about it.

I often do it for single instances just because I like having ELB in between the world and me.  It doesn't really provide anything that security groups wouldn't other than IP address obfuscation, so it's more of a security blanket than a necessary piece of infrastructure, but hey.

Take care,




The Art of Access ®

Nate Klingenstein | Principal 

-----Original message-----
From: Deirdre Kirmis
Sent: Monday, November 25 2019, 4:30 pm
To: users at
Subject: configuring shibboleth on AWS using ELB

Hi all…prefacing this to say that I am new to AWS and new to configuring shibboleth. I was wondering if anyone has successfully configured shibboleth on an AWS instance that is running https via a load balancer. I installed and configured shib, send/received metadata from my IDP, but when I generate my metadata file, the certs are not included, and the sp-cert.pem and sp-key.pem files did not get created. Do I still need to “configure” https locally on the server, and if so, how, and how do I fix my shib config?

Thanks for any help!



For Consortium Member technical support, see

To unsubscribe from this list send an email to users-unsubscribe at

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list